blog-banner.jpg

Security "Bits"

Do CASBs and Cloud SWGs Compete?

By Bitglass | March 17, 2021 at 4:37 AM

Full_Logo_Raster.pngI'm frequently asked whether Secure Web Gateways (SWGs) and Cloud Access Security Brokers (CASBs) compete. After all, they're both proxies, they both offer data & threat protection, they're both cloud-based (some SWGs), and both are gradually replacing firewalls in a lot of enterprise environments. Sounds similar, so they must be competitive, right? Actually, they serve as complements for two very different use cases. 

As cloud-based SWG vendors add more capabilities, they are starting to look more and more promising as a direct replacement for a firewall. By that, I mean that for the same use case (network/perimeter protection), you can use either a firewall or cloud-SWG - they are simply delivering network security services via the cloud (in Bitglass’ case, our SmartEdge SWG is a bit different and deploys locally on each user’s device - but you can read more about that approach and its benefits here). 

What's different about CASB is that CASBs come into play for a different use case, one that makes the firewall (and any notion of perimeter protection) obsolete. As a pre-requisite for protection, both SWGs and the firewalls require traffic to transit through them. They are deployed either on the corporate network, or as a cloud-based extension of the corporate network.

When an outside user connects to a cloud app, that traffic doesn't transit through the corporate network, which is what lead to the rise of CASBs, which are architected for exactly this "beyond the firewall" scenario. Every % increase in the amount of off-network cloud traffic translates into a CASB gain at the expense of the FW.

In short, SWGs and CASBs are both taking share from NGFWs, and both may be necessary in your enterprise.

Test drive the Bitglass SASE platform, which includes our SWG, CASB, and ZTNA, today

Request a Free Trial

FOLLOW US

BLOG TOPICS

see all