
DATA SHEET

McAfee Web Gateway

Security. Connected Intelligence. Performance.

Organizations can do more over the web today than ever before. Today’s web offers a dynamic, real-time user experience. However, the web has also become a more dangerous place, with increasingly sophisticated attacks released every day. McAfee® Web Gateway is a critical defense for any organization to protect against emerging malware threats. It empowers organizations with secure internet access while greatly reducing risk through an advanced security approach that combines powerful, local intent analysis with cloud-based protection powered by McAfee Labs.

McAfee Web Gateway
■ Available in multiple hardware models and as a virtual machine supporting VMware and Hyper-V
■ Integrated with complementary McAfee solutions including McAfee Endpoint Security, McAfee Advanced Threat Defense, and McAfee Threat Intelligence Exchange
■ Common criteria EAL2+ and FIPS 140-2 Level 2 certified
■ Support for multiple cryptographic key storage options, including Gemalto SafeNet Hardware Security Module (HSM), Thales nShield HSM, and Thales PCIe cards
■ Rated number one anti-malware in a secure web gateway (AV-TEST)

As internet use and sophistication increases, so does the need for advanced web security. Even seemingly “safe” sites can be targeted for malware distribution. In today’s world, simply blocking known viruses or restricting access to known bad websites is not enough. Reactive techniques, such as signature-based antivirus and category-only URL filtering—while necessary—are insufficient to protect access to cloud applications or combat today’s exploits.

Since these solutions focus on known content and malicious objects or executables, they can’t prevent today’s attacks that hide malicious code within seemingly trustworthy HTTP or HTTPS traffic or provide protection against unknown or emerging threats. The ability to enable secure, granular access to cloud applications while proactively blocking unknown as well as known threats is crucial.

Comprehensive Inbound and Outbound Protection

McAfee Web Gateway delivers comprehensive security for all aspects of web traffic in one high-performance appliance architecture. For user-initiated web requests, McAfee Web Gateway first enforces an organization’s internet use policy. For all allowed traffic, it then uses local and global techniques to analyze the nature and intent of all content and active code entering the network via the requested web pages, providing immediate protection against malware and other hidden threats. And, unlike basic packet inspection techniques, McAfee Web Gateway can examine secure sockets layer (SSL) traffic to provide in-depth protection against malicious code or control applications that have been hidden through encryption.


Inbound protection also mitigates risks for organizations hosting websites that accept data or document uploads from external sources. In reverse-proxy mode, McAfee Web Gateway scans all content before it is uploaded, securing both the server and the content.

To secure outbound traffic, McAfee Web Gateway uses industry-leading McAfee Data Loss Prevention technology to scan user-generated content on all key web protocols, including HTTP, HTTPS, and FTP. It also protects against loss of confidential, sensitive, or regulated information leaking from the organization through social networking sites, blogs, wikis, or online productivity tools such as web-based mail, organizers, and calendars. McAfee Web Gateway further safeguards against unauthorized data leaving the organization through bot-infected machines attempting to phone home or transmit sensitive data.

McAfee Web Gateway Delivers the Industry’s Best Protection

As the number one-rated¹ web security solution in malware protection, McAfee Web Gateway uses a patented approach to signatureless intent analysis with the McAfee Gateway Anti-Malware Engine. Proactive intent analysis filters out previously unknown, or zero-day malicious content from web traffic in real time. By scanning a web page’s active content, emulating and understanding its behavior, and predicting its intent, McAfee Web Gateway prevents the delivery of zero-day malware to endpoints, dramatically reducing the costs associated with system cleanup and remediation.

We combine this analysis with McAfee antivirus and global reputation technologies from McAfee Labs to quickly block known malware and malicious sites. Use of multiple technologies enables McAfee Web Gateway to provide greater protection while optimizing security on a single platform with different, yet complementary, technologies—something many organizations demand for their layered defense security approaches.

■ McAfee antivirus with real-time McAfee Global Threat Intelligence (McAfee GTI) file reputation: Cloud-based McAfee GTI file reputation look-up closes the gap between virus discovery and system update/protection.
■ McAfee GTI web reputation and web categorization: McAfee Web Gateway delivers web filtering functionality and protection through the powerful combination of both reputation and category-based filtering. McAfee GTI creates a profile of all internet entities—websites, email, and IP addresses—based on hundreds of different attributes gathered from the massive, global data collection capabilities of McAfee Labs. It then assigns a reputation score based on the security risk posed, enabling administrators to apply very granular rules about what to permit or deny.
■ Geolocation: McAfee Web Gateway features geolocation, enabling geographic visibility and policy management based on the web traffic and user’s originating country.


For both web categorization and web reputation, organizations can choose between on-premises and cloud lookups, or a combination of both. Cloud lookups eliminate protection gaps between discovery/change and system updates, along with delivering broad coverage through data on hundreds of millions of unique malware samples.

Advanced Threat Analysis integration

McAfee Web Gateway integrates with McAfee Advanced Threat Defense—our advanced malware detection technology that combines customizable sandboxing with in-depth static code analysis. McAfee Advanced Threat Defense and the in-line scanning capabilities of the Gateway Anti-Malware Engine in McAfee Web Gateway provide the strongest protection available for internet-delivered threats. Organizations that want a lower cost, simplified advanced threat analysis option can integrate McAfee Cloud Threat Detection, a cloud-based sandbox with multiple additional threat analysis layers.

Threat Intelligence sharing

Today, many security tools exist in silos and are not built to share threat intelligence, despite the fact that key intelligence is available at the endpoint, network, security information and event management (SIEM) solution, gateway, and more. When shared, this intelligence can be utilized for better protection against threats, detection of existing breaches, and improved incident response through efficient correction of compromised systems. Through McAfee Threat Intelligence Exchange, McAfee solutions—including McAfee Web Gateway—share intelligence with each other to bridge these gaps. McAfee Web Gateway delivers immense value in this process by creating and sharing new file reputations for zero-day malware discovered by the Gateway Anti-Malware engine, allowing, for example, endpoint devices to be protected before a new .DAT is released. Additionally, more threats are stopped by McAfee Web Gateway with expanded threat intelligence delivered from McAfee Threat Intelligence Exchange.

Insight and protection within encrypted traffic

Sophisticated cybercriminals have turned to SSL traffic (HTTPS and HTTP/2) as a backdoor through the enterprise security barrier. Ironically, a protocol designed to provide security must also be assessed for risk. McAfee Web Gateway integrates malware detection, SSL inspection, and certificate validation together for a comprehensive approach to encrypted traffic inspection.

There’s no need for an additional investment in SSL scanning hardware—McAfee Web Gateway performs all of this in a single hardware or virtual appliance architecture. McAfee Web Gateway directly scans all SSL traffic to ensure the complete security, integrity, and privacy of encrypted transactions.


Organizations that want to take the initiative to go deeper into their inspection of SSL traffic can offload the entire stream of unencrypted traffic or individual streams by policy through the SSL tap within McAfee Web Gateway. This software-enabled feature allows a full or partial mirror of decrypted SSL traffic to be sent to additional security solutions such as intrusion prevention systems (IPS) or network-based data loss prevention (DLP) solutions.

Data loss prevention

McAfee Web Gateway protects organizations from outbound threats—such as leakage of confidential information—by scanning outbound content over all key web protocols, including SSL. This makes it a powerful tool for preventing intellectual property loss, ensuring and documenting regulatory compliance, and providing forensic data in the event of a breach. Leveraging the power of the McAfee Data Loss Prevention solution set, McAfee Web Gateway includes built-in, predefined DLP dictionaries and enables custom dictionaries to be created through keyword matching and/or regular expressions.

For organizations that utilize cloud-based storage, built-in file encryption protects data that is uploaded to file sharing/collaboration sites against unauthorized access. Users cannot retrieve and view the data without going through McAfee Web Gateway.

Protection for off-network users

As the workforce becomes more distributed and mobile, the need for web filtering and protection while seamlessly transitioning from the office to the road becomes increasingly important. McAfee Client Proxy, a tamper-resistant client agent, enables roaming users to seamlessly authenticate and redirect to either an on-premises McAfee Web Gateway located in a demilitarized zone (DMZ) or the McAfee Web Gateway Cloud Service. This enables internet access policy enforcement and full security scanning to be applied to roaming or remotely located users, even if their internet access is via a public portal, such as at a coffee shop, hotel, or other Wi-Fi hotspot.

McAfee Web Gateway also allows enterprises to extend and enforce their security policies on mobile devices by directing web traffic to McAfee Web Gateway. Through our partnerships with mobile device management providers AirWatch and MobileIron, McAfee Web Gateway ensures that Apple iOS and Google Android mobile devices are secured with advanced anti-malware protection and corporate web filtering policies.


Ultimate Flexibility with McAfee Web Gateway

McAfee Web Gateway features a powerful, rules-based engine for policy flexibility and control. To streamline policy creation, McAfee Web Gateway offers an extensive prebuilt rules library with common policy actions. Organizations can pick and choose various rules, easily modify these rules, and share their own rules through our online community. For advanced administration, a unique combination of context-based rule criteria and shared lists opens the door to unlimited possibilities for problem solving and web security optimization. Interactive rules tracing simplifies rules debugging.

McAfee Web Gateway extends control to cloud applications, enabling granular, proxy-based control over how web applications are used. Organizations can apply thousands of controls to cloud applications, enabling or disabling specific functionality as needed, controlling who uses a web application and how it is used. Do you want to enable access to Dropbox but not allow uploads? No problem.

Flexibility and control also extend to user authentication and access. McAfee Web Gateway supports numerous authentication methods, including NT LAN manager (NTLM), remote authentication dial in user service (RADIUS), Active Directory (AD)/lightweight directory access protocol (LDAP), eDirectory, cookie authentication, Kerberos, or a local user database. The McAfee Web Gateway authentication engine allows administrators to implement flexible rules, including the use of multiple authentication methods. For example, McAfee Web Gateway can try to transparently authenticate a user and, based on the result, prompt the user for credentials, use another authentication method, apply a restrictive policy, or simply deny access.

McAfee Web Gateway Identity, an optional add-on, includes single sign-on (SSO) connectors for hundreds of popular cloud-based applications. McAfee Web Gateway Identity provides the ability to improve security and reduce password-related help desk calls using an SSO launch pad where users can access authorized cloud applications with one click. Support for both HTTP POST and security assertion markup language (SAML) connectors provides coverage for a wide range of applications. Provisioning connectors enable system administrators to create and terminate user accounts on select Software-as-a-Service (SaaS) applications.

McAfee Web Gateway extends access control to streaming content through native streaming proxy support as well, providing bandwidth savings and reduced latency. Additional bandwidth controls can be set to enforce minimums, maximums, and prioritization for defined classes of traffic, allowing organizations to optimize use of their available bandwidth.


Agile Infrastructure and Performance with McAfee Web Gateway

McAfee Web Gateway is a high-performance, enterprise-grade proxy offered in a scalable family of appliance models with integrated high availability, virtualization options, and hybrid deployment with McAfee Web Gateway Cloud Service. McAfee Web Gateway delivers deployment flexibility and performance, along with the scalability to support hundreds of thousands of users in a single environment.

You can mix deployment options as well. For example, you can route all web traffic to the on-premises appliance for on-network users, and route all off-network users to the cloud service, dramatically reducing the cost of backhauling traffic over multiprotocol label switching (MPLS) lines or virtual private network (VPN). Automated policy synchronization and reporting for hybrid on-premises and cloud deployments help streamline management, ensure consistent policy enforcement, and simplify reporting, tracking, and investigation.

McAfee Web Gateway offers numerous implementation options—from explicit proxy to transparent bridge and router modes—to ensure that your network architecture is supported.

With support for numerous integration standards, McAfee Web Gateway is designed to work in your unique environment. From the web cache communication protocol (WCCP), internet content adaptation protocol (ICAP/ICAPS), and WebSocket protocol to the socket secure (SOCKS) protocol, McAfee Web Gateway efficiently communicates with other network devices and security appliances. Additionally, McAfee Web Gateway offers IPv6 support, helping larger organizations and federal institutions comply with regulations. McAfee Web Gateway bridges the gap between internal IPv4 and external IPv6 networks and applies all available security and infrastructure features and functions to the traffic.

Unified Platform for the Future

McAfee Web Gateway combines and integrates numerous protections that would otherwise require multiple standalone products. URL filtering, antivirus, zero-day anti-malware, SSL scanning, data loss prevention, and central management—all are unified in one appliance software architecture. Managing deployments is unified across all form factors, so one policy can be extended to on-premises appliances, clusters of appliances, virtual appliances, and the cloud service all from one single management console.


Security Risk Management and Reporting

The popular and respected security management technology, McAfee ePolicy Orchestrator® (McAfee ePO™) software, is supported by McAfee Web Gateway as a single source for all security reporting.

McAfee ePO software delivers detailed web security reporting through the McAfee Content Security Reporter extension. McAfee Content Security Reporter gives you information and forensic tools to understand how your organization is using the web, comply with regulations, identify trends, isolate problems, and tailor your filtering settings to enforce your web security policies. McAfee Content Security Reporter offers an external, stand-alone reporting server designed to offload resource-intensive data processing and storage from the existing McAfee ePO server, enabling it to scale to meet the reporting needs of even the largest global organizations.

Licensing

For the ultimate in deployment flexibility and to help future-proof your investment, McAfee offers all features of the McAfee Web Gateway and McAfee Web Gateway Cloud Service in a single suite: McAfee Web Protection. Deploy on premises, in the cloud, or both for added flexibility and high availability—the choice is yours. You’ll find award-winning McAfee anti-malware protection and comprehensive web filtering with either option.

McAfee Web Gateway hardware is sold separately.

1. In tests conducted by AV-TEST, McAfee Web Gateway detected 94.5% of zero-day malware, 99.8% of malicious Windows 32 portable executable (PE) files, and 98.63% of non-PE files. “McAfee Web Gateway Security Appliance Test,” AV-TEST GmbH.

2821 Mission College Boulevard, Santa Clara, CA 95054
888 847 8766
www..com

McAfee and the McAfee logo, ePolicy Orchestrator, and McAfee ePO are trademarks or registered trademarks of McAfee, LLC or its subsidiaries in the US and other countries. Other marks and brands may be claimed as the property of others. Copyright © 2018 McAfee, LLC. 4174_1118 NOVEMBER 2018
