Web Secure Gateways - Taking it on the cloud
Posted on 2009-07-09
Hi all...am here to seek your opinions.
Time has come for our Web Proxy / Cache renewal. I was wondering if it's the right time to look at alternative technologies. Our Current Web Proxy gateway belongs to the categories of Blue Coat / Secure Computing's Webwasher appliances.
I was looking at Messagelab's offering of provisioning Web security services and McAfee who now owns Secure Computing, start up its own Web Protection service. This is equivalent to taking this securing the web gateway service on the cloud with brings about reduction of admin costs.
What are the caveats here? For sure I would lose the local caching aspect bringing about a certain delay in responses to oft visited sites.
The questions are:
1. What are my options to keep a server (squid /ISA etc) internally for caching purposes while use these SaaS providers for everything else?
2. I need to undertake bandwidth management, assigning quotas of the total Internet bandwidth to different Active Directory group members. For example, my SLA with Dept. of Marketing is that they would be provided with 4MB of total Internet bandwidth at all times and Engineering would receive 8MB. I have Cisco Routers 2800s and ASA 5520 firewalls at the perimeter. Can I use these in any way?
3. If I take these services out on the cloud, how would I assign Internet browsing policies which are integrated with my AD groups? ( Maybe this is a question to be asked with messagelabs or McAfee but just thought of asking here for someone might have been there and done that.