What is a Web Gateway and why do I need it?
If you depend on the Web to do business, no matter the size of your company, you need Web Security and Optimization. CacheGuard features allow you to easily achieve this goal with innovative technologies in a unique box. With CacheGuard, you keep out malware, save your bandwidth for your business, protect your proprietary information, increase and maintain productivity of your workers by limiting access to social networking or other undesirable or time wasting sites and control/deny access to the Internet to specific populations and much more.
You can either place CacheGuard in front of your Web surfers or in front of your Web Servers to protect them from threats coming from the Internet and optimize your Web traffic. All CacheGuard features are available for both types of protection at the same time in one box at the gateway.
Can be implemented in 2 forms
CacheGuard is available as an Operating System (OS) to install on a hardware or virtual machine of your choice. Once installed on a machine, it turns that machine into a powerful Web Gateway Appliance. The resultant appliance embeds all CacheGuard features described below that can all be turned on at the same time if desired.
We also provide CacheGuard VE (Virtual Edition) and CacheGuard HW (Hardware) based on CacheGuard OS. You specify your needs and we build your customized appliance. Whether you select the OS, VE or HW form, all CacheGuard features will be available in your appliance.
Setting up a Web Gateway like CacheGuard, which integrates numerous software, adequate hardware and proprietary developments, requires time, money and moreover, advanced technical know-how. CacheGuard is your answer to finding an Off-the-Shelf Web Gateway Appliance that secures and optimizes Web traffic, all in one package. CacheGuard solutions let you concentrate on your core business by managing your highly important Web traffic on which your business depends.
Implementing CacheGuard appliance in your infrastructure is as simple as choosing a machine, installing CacheGuard OS on it and setting up some basic configurations, which can be done in less than 15 minutes. With CacheGuard solutions you are never alone. Our experts can assist you in all phases from choosing the best machine for your needs to setting up sophisticated configurations.
CacheGuard for Web Application providers
CacheGuard secures and optimizes Web traffic not only destined to Web surfers but also Web traffic destined to Web servers. If you have your own Web applications hosted in your infrastructures you are vulnerable without solutions that protect your Web servers and Data Bases from threats coming from the Internet. Also you need to have a 24/7, fast, reliable and scalable solution in order to ensure your visitors continued loyalty. CacheGuard Web Gateway Appliance can be implemented in front on your Web applications to Secure and Optimize your Web traffic so you can concentrate on the development of your Web applications.
CacheGuard features help ensure secure and optimized Web traffic to you and your customers with very little effort.
CacheGuard Features Overview
CacheGuard features include all security and optimization functionalities you may need for your Web traffic. Those features, together in one box at the gateway, allows you the highest level of integration to secure and optimize your Web traffic.
The antivirus inspects all incoming Web traffic at the gateway and instantly eradicates all suspicious objects before they can enter into your network. CacheGuard features include an antivirus at the gateway.
CacheGuard scans Web traffic and inspects all objects more deeply than a traditional antivirus/anti-malware installed on each computer, rejecting viruses, trojans, worms and other malware before entering your network from the Web. As CacheGuard includes a cache, the antivirus scans each cached object only once, thus saving hardware resources for other features. CacheGuard antivirus is a complementary technology to traditional antiviruses installed on computers reinforcing your protection against malware threats coming from the Web.
CacheGuard detects over 530,000 malware and its database signature is updated 48 times per day.
URLfiltering (URLfiltering) is a core part of Web security. CacheGuard features include a guarding mechanism against unwanted URLs. CacheGuard uses URL blacklists, white lists or regular expressions to allow or disallow websites thus increasing productivity while keeping you safe by preventing access to malicious websites.
URL filtering prevents access to unauthorized or malicious websites, protects your network from malware, spyware and other threats, and helps ensure that users are productive during business hours.
To facilitate your Web guarding policy we provide blacklists that contain thousands of URLs. You can find more information on our blacklist service at: www.cacheguard.com/index.php/url-blacklists/.
CacheGuard features include a network firewall to protect individual computers, servers and corporate networks from hostile intrusions from the Internet.
CacheGuard enables stateful packet filtering, Network Address Translation (NAT) and Port Address Translation (PAT). CacheGuard’s embedded firewall is fully customizable to fit your needs. It natively integrates smart rules that block attacks such as DDOS (SynFlood, Smurf, XMas…) and IP spoofing.
CacheGuard features include a Web proxy that acts as a web accelerator to reduce website access times for both internal Web surfers and external users accessing internal Web servers.
By caching and compressing Web traffic, CacheGuard acts as a Web accelerator to optimize the Web usage for your end-users. Using HTTP compression, Web content caching and bandwidth allocation, CacheGuard improves Web application performance, saves your precious bandwidth and consequently lowers costs in the data center.
CacheGuard increases user satisfaction by reducing server load, compressing web traffic and cutting Web page response times.
CacheGuard features include a packet shaping mechanism to distribute appropriate bandwidth to end-users, allowing you to give your power users quicker access to information.
While implemented in front of your Web applications, CacheGuard manages generated Web traffic so you can affect more bandwidth to your more critical applications giving them a higher level of service. Reserving adequate bandwidth for applications ensures that applications are always available to serve end-users according to their critical need for your business.
In addition, CacheGuard schedules the transmission of packets. The goal is to ensure fairness so that each Web user in a subnet is able to receive data in turn, thus preventing any single user from drowning out the rest. The Web traffic scheduling is automatically activated when the QoS feature is activated so all end-users in a subnet shaping class are served equitably.
Using the Web for your business, you need to have Internet connectivity at the lowest cost but the highest Quality of Service (QoS).
Sharing a low bandwidth Internet access among several users may probably be a good low cost solution but low bandwidth also means low QoS.
To offer a better Internet connectivity you could buy more bandwidth from your ISP but instead, since CacheGuard optimizes Web traffic, you can share an Internet line, initially foreseen for a single user, among many users without affecting its Quality of Service.
CacheGuard features include a Web Authentication module in conjunction with the existing LDAP servers in your infrastructure to manage Web accesses.
Authentication is used to restrict Web usage to authenticated users only. CacheGuard allows you to authenticate both internal Web surfers and external users accessing internal Web applications protected by CacheGuard.
Clear LDAP (without encryption), LDAP over SSL/TLS and SSL/TLS encryption within LDAP are supported by CacheGuard.
Web Application Firewall
CacheGuard features include a WAF (Web Application Firewall) that protects your Web applications from a range of content oriented attacks. CacheGuard protects your Web applications against:
Protocol Violations, Protocol Anomaly, Bad Robots, Session fixation, Blind SQ injection, SQL injection, XSS (Cross Site Scripting), File injection, Command access, Command injection, Cold Fusion injection, LDAP injection, SSI injection, PHP injection, Trojans, Outbounds, Marketing.
As a Web content filtering system, CacheGuard needs to look at the content of your Web traffic content. For that reason, CacheGuard features include an SSL off loader for your Web servers.
CacheGuard provides secure access to any user from any location with any client device. Placed in front of your Web application servers, it acts as an SSL terminator to create flexible, easy-to-manage, high-performance SSL solutions. CacheGuard decrypts the SSL-encrypted data and sends it on backend Web servers in an unencrypted state. This allows the appliance to control and filter Web contents.
The SSL mediation allows you to decrypt HTTPS traffic at the gateway point in order to cache, inspect its contents and possibly block unwanted contents.
When the SSL mediation is activated the system re-encrypts decrypted traffic before forwarding it to the end-user. To do so it dynamically generates SSL certificates and signs them using its own CA (Certificate Authority) certificate. Of course to make this work the system’s CA certificate should be imported to the end-user Web navigator prior any attempts to access an HTTPS website.
Web Load Balancing
CacheGuard provides scalable architecture to provide the right quality of service at the right time. Implement your first CacheGuard appliance for your current needs and switch to a dual appliance architecture later if necessary.
Balance the total Web application load among your Web servers and make sure your users always have access to Web applications even when one or more Web servers are down. Use CacheGuard in reverse mode to balance backend servers or in forward mode in conjunction with Cache Array Routing Protocol (CARP).
The CacheGuard’s high availability feature provides your customers and employees with continuous uninterrupted access to the applications and data they need to take care of business.
One of the most important issues for Internet & Web Application Service Providers is the SLA (Service Level Agreement). CacheGuard’s High Availability feature eliminates SPoF (Single Point of Failure) and assures a high availability rate through the use of redundant CacheGuards and links. Use redundant CacheGuards to avoid website/application or internet connectivity unavailability by eliminating Single Point of Failure (SPoF).