Solved

Web Gateway - basics

Posted on 2012-03-27
8
474 Views
Last Modified: 2012-04-02
Can I ask in real management jargon friendly speak – is it common for more complex networks (many sites) to have more than one internet service. By internet service I mean your employees ability to access www.google.com from a corporate asset (what is the technical term)? My concern is, it seems a common assumption that all staffs internet activity goes through the same internet gateway, so it’s a case of just deploying one monitoring tool there and that will cover all staff. But I am not sure if that’s a bit of an age old assumption, and maybe modern networks have multiple web gateways?

Are there any specific cases whereby networks would need more than 1 internet “gateway”? Can you provide some examples where this would be the case? Or is it common for most medium size networks to have just the one internet gateway? And thus there’s just one to manage. Is there anyway users can be made exempt from the restrictions of the internet filter, ie.websense? And go through another gateway, or bypass the restriction policies?
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 5

Accepted Solution

by:
abhishek1986 earned 167 total points
ID: 37770568
When you say gateway, do you mean ISPs or just the exit point from your internal network to external network.
Common practice is to have a firewall between the external and the internal network. Thus making the Firewall a gateway for the internet.
Now, there may be scenario where there are multiple service providers giving an increased bandwidth and redundancy for internet. It is different from what a gateway is. Most medium and large Business organizations use one gateway. But in some situations there may be a case of having multiple gateways for internet.
Now, about being exempt from websense, it depends on what sort of filtering policies is applied and where is Websense software actually sitting on the network. But I am sure there will be ways to tunnel through the filter.
0
 
LVL 3

Author Comment

by:pma111
ID: 37770718
>When you say gateway, do you mean ISPs or just the exit point from your internal network to external network.

Just the exit point

>... and where is Websense software actually sitting on the network

Could you expand here? In terms of "if its sitting here, these users can bypass, if its sitting here, no-one can bypass" etc
0
 
LVL 3

Author Comment

by:pma111
ID: 37770720
Can you explain what a "gateway" is in management speak? Is it just an open port on the firewall?
0
The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

 
LVL 5

Expert Comment

by:abhishek1986
ID: 37770818
No. Gateway is a point from where a packet will go out of one network into another. It can be anything. For understanding purpose, a Physical port on your firewall may be configured as a gateway. When you see the network configuration of your NIC, you see an IP Address, subnet and a Default Gateway. So it is an address where the packet will be sent to if the NIC does not know what to do with the packet.
Now websense ideally sits on the Proxy servers or the internet providing servers. So you will have to go through them all the time to access the internet. If websense sits on some other server and you have some route available to avoid the websense server than you can bypass it. Otherwise, you can use tunneling to access restricted sites. I won't be able to exactly tell you how to do that but it is possible but very tricky and you will have to come up with new ways very frequently.
0
 
LVL 3

Author Comment

by:pma111
ID: 37770823
By tunnel are you on about the proxy avoidance sites? Or something else
0
 
LVL 5

Expert Comment

by:abhishek1986
ID: 37771881
By tunneling, I mean using proxy sites that can cover up your actual sites and let them go through encapsulated. But websense blocks porxy sites too.....as soon as it knows of any proxy sites, it blocks it. So you may have to change proxy servers continuously.
0
 
LVL 2

Assisted Solution

by:BDC-Net
BDC-Net earned 167 total points
ID: 37772001
Your question really depending on your needs as a company. I work for a company where the internet in vital for operations and the company runs 24x7, so we have two internet connections to two different Internet Service Provides in two different locations using two different firewalls and Internet Filtering devices (web gateways). This way we can pretty much ensure that internet is always up. If the internet isn't that important and the geographical locations to your sites aren't too far apart then I would say one internet connection should be fine. It really just depends on what you need.
0
 
LVL 5

Assisted Solution

by:OOsorio
OOsorio earned 166 total points
ID: 37777218
As mentioned previously, it varies from company to company depending on the needs. Some separate VOIP traffic from data traffic by having more than one internet provider and separate gateways.
0

Featured Post

Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question