PETER WELCHER | Solutions Architect
That’s “dope” as in slang for exceptional. My brain is old enough that it does not default to that interpretation, but YMMV.
Anyway, this is a quick blog to repeat and summarize some info about a security product from Dope Security. I have to agree with them: their Secure Web Gateway (SWG) product does sound “dope” (in the exceptional sense).
What Is It?
The key creative idea behind the Dope SWG is to put virtualized Secure Web Gateway functionality on the end user’s device, rather than tunneling traffic to a centralized set of cloud gateways.
This minimizes latency. With SWG products that tunnel to centralized gateways, typing can be a painful, laborious process when each keystroke takes one round trip. Localizing enforcement also eliminates any potential central bottleneck and any possible central point of compromise (e.g., centrally stored SSL keys/passwords). Of course, if the endpoint is compromised in the right way, malware might evade the local SWG. Ditto for central gateways. You pick your poison.
The local SWG eliminates potential connectivity issues with reaching your own or a provider’s cloud gateway. Traffic just routes normally.
Dope Security says it works anywhere (in the office, hybrid, WFH), supports HTTP/2 for faster access, and updates automatically.
Also, it is all managed off a central cloud console.
Not mentioned: you do have to be able to install the product. Thus, the product is probably not for IoT (Internet of Things) and proprietary devices, a limitation shared by other SWG end-system solutions.
What Does It Do?
Here is the list of Dope Security features:
- SSL Inspection done on-device, no need for stored keys or passwords
- URL Filtering
- Anti-Malware
- Cloud App Controls
- User-Based Policy
- Cloud Console
- Data Visualization(s)
- Mac native or Windows
Etc.
Instant trial: quick deploy, free for 30 days, no commitment.
Links
- https://dope.security
- https://dope.security/blog
- https://www.youtube.com/watch?v=G2amnP8LAG0
- https://www.youtube.com/watch?v=odCg-QW1DAA
Conclusion
I appreciate the distributed filtering of this approach, plus the fact that user traffic is not hidden in tunnels. That in turn means separate network-based flow analysis can still detect flow patterns suggestive of malware or hacker activity. Belt and suspenders!