Protect against every kind of threat and ensure strict compliance with policies - without slowing down your users.

Hackers like weak links—you need to cover all your bases (including user productivity).

Today's hackers are incredibly sophisticated, and they have a lot of tools and techniques at their disposal. It's not enough to understand past attacks and prevent others just like them—you also need to protect against attacks you don't know about. How do you fight the unknown? Comodo Dome Secure Web Gateway delivers a suite of security capabilities to identify and stop any kind of malicious activity from getting in. And it does so without affecting the experience of your legitimate users. After all, they still need to do their jobs.

Key capabilities

  • Comprehensive: Leverages the world's largest crowd-sourced threat intelligence. of websites.
  • Flexible: Lets you create user-based groups for granular policy management.
  • End user-friendly: Uses portable containment and cloud sandbox technology for zero impact to the end user.
  • Easy to set up: Downloading and installing the agent is a snap and you'll be up and running before you know it.

Most cybersecurity tools use a "default allow" approach. They let everything in and then determine if something is bad and needs to be blocked. Some tools take a safer "default deny" approach and analyze unknown files before they deliver them to users. The tradeoff, however, is usability as users have to wait for quarantined files that are legit to be released. The Comodo Dome Secure Web Gateway solves this problem using a "default deny" approach that doesn't affect usability.

Auto-containment

Rather than sending unknown files to a sandbox sitting on a server, the Secure Web Gateway runs them in a virtual container right on the user's endpoint while the file is being analyzed. The container allows it to run just as well as it does normally, but prevents the file from accessing the host's resources or user data so it can't damage or infect the system. Comodo's containment technology is extremely lightweight, has no CPU dependencies, and is application-agnostic.

Real-time, cloud-based analysis

While unknown files are running in containment, they are uploaded to the cloud for real-time analysis using Comodo's Valkyrie technology. This global threat cloud, which analyzes 73 billion file queries and 300 million unique unknown files annually, returns a verdict within 45 seconds for 95% of the files submitted. In the 5% of cases where Valkyrie is unable to return a verdict, the file can be sent to researchers for human analysis who make a determination within SLA timelines.

Granular policy management - even off-network

Comodo Dome Secure Web Gateway provides user-, group-, department-, Active Directory-, and location-based web access policy management. Get URL filtering with 80+ categories; build your own black/whitelists; block and delete inappropriate search engine results with safe search enforcement; and block files based on source, category, and file type. You can apply policies to multiple locations and you can even cover roaming users regardless of where they are connecting from.

Managed service option

If desired, we can act as your managed service provider to save you even more time. Our services include installation, set-up, and fine-tuning; creating and refining web access and advanced threat protection policies; monitoring and analyzing risky files; black/whitelisting specific URLs; and more.

Features

Comodo Dome Secure Web Gateway is a 100% cloud-based service. There is a "host it yourself" license available.

Features Cloud
Try it for free
Host it yourself
Try it for free
No hardware, no installation required

100% cloud-based, load-balanced, geo-distributed, highly available cloud infrastructure Countries.

Enforce policies and gain visibility

Per user, group, location, site, and roaming users; integrates easily with Active Directory and SAML

URL and content filtering

80+ content categories, custom black/whitelists, safe search enforcement, country-based blocking, hash-based blocking

File-type control

Granular file-type control rules per true file type, hash, source, and category

Inline advanced threat protection

Block phishing, malware, botnets, C&C callback events, spyware, drive-by downloads, XSS-injected websites, cookie stealing, anonymizers, TOR, encrypted files, and all web-borne attacks

Inline static and behavioral analysis, cloud sandbox

Analyze all inbound traffic with Valkyrie and dedicated Comodo malware analyst; get in-depth malware analysis reports

Inline antimalware and antispyware

Leverage the world's biggest malware signature base

Patented portable containment technology

Prevent unknown files from accessing the host system's resources and user data until a good/bad verdict is returned

SSL inspection

Inline inspection of encrypted traffic and content filtering

Real-time, fully customizable reporting

Monitor web transactions from anywhere, get scheduled reports delivered to your inbox, and generate custom reports using simple widgets

Traffic forwarding

Use Comodo's simple traffic forwarding agent, proxy chaining, ICAP, or direct proxy/PAC

Multi-office, multi-location, and roaming user protection

Cover all your offices and users no matter where they are

Web data loss prevention

Stop exfiltration of sensitive data over web traffic

24x7 phone, chat, and email support
Try it for free Try it for free

Resources

High-level overview of the Comodo Dome Secure Web Gateway including a list of features.

Download the data sheet

More detailed look at how Comodo Dome Secure Web Gateway works.

Download the solution brief