Web Security Gateways Forum

Mehdi Gafsi
‎IT Manager with 51-200 employees
Mar 06 2019
We are a medium size company with 120 employees across 3 offices and growing. We are still debating between a cloud solution such as Zscaler Web Security or iboss and a physical appliance such as Fortigate 201E. Which Web Security Solution do you recommend?
Alex DMy recommendation is Cisco Meraki MX84 with advanced security license (its have two kind of license Advanced security and Enterprise licenses).
Stuart ClowesBluecoat and Forcepoint offer credible solutions. Think through where your users are and what they connect to. A mobile workforce may need an agent and a cloud gateway (unless you force them back to base over VPN) but may give problems if connecting to sites that whitelist you by IP. And not all providers have good global breakout points. Be particularly careful if you work in China.
Jason PooleThis is a "how long is a piece of string?" type question. As the other vendors have said it is hard to recommend something fully without knowing all the background. Your background did stipulate that you had multiple sites and you were growing. Having a traditional deployment scenario will mean that you need to have a "box" at each site and add more boxes as you add more sites. Going with a more modern solution like Zscaler will allow more rapid growth opportunities - just add users, no matter where they are - also this allows you to restrict with a single policy in the cloud rather than on each device. AS others have said, be mindful of the proximity of the Zscaler because of latency, but they do have >100 POPS which you will probably find pretty local. Overall, there is a lot more research you can do, but I'm leaning towards a cloud offering from the branches. You might consider an SD-WAN device at each branch that also has FW built in. This would give you connectivity resilience at a much lower price, but perhaps this is a debate for another day :-)
Vandy Va
Technical Support Manager at a financial services firm
Secure Web Gateways typically consist of a number of features such as malware protection, URL filtering, content filtering, SSL content scanning, web based DLP capabilities. Deployment methods to look for include proxy, in-line and transparent \ bridge deployments as well as port mirroring\span port capabilities, ability to work with and integrate ICAP and WCCP.

Sign Up with Email