Security "Bits"

SWG without Certificate Hassles

By Tim Davis | August 23, 2020 at 7:33 PM


Last week, we got a call from a leading Wall Street house. Their users were fed up of VPN to the office during the pandemic, and the CISO had a mandate for cloud-first network security.  The CISO had done his homework, and right out of the gate, zero'd in on the two things that mattered to them. Three things actually.  

The Bitglass SmartEdge SWG architecture had caught their attention.   When the SWG is on the end-point, three things stood out to them

  • Privacy - all traffic is decrypted and inspected on their own devices, not in a third party cloud
  • No certificates to manage, on the end-point or in the cloud
  • Performance - no extra network hops or congestion.

As far as Wall Street is concerned, the advantage of VPN to on-prem SWG is that their traffic is not inspected on third party servers.  But SmartEdge gives them the best of both worlds, fully cloud managed, no appliances to install, and yet their traffic is not inspected on third party servers.

Secondly, SmartEdge runs on self-managed certificates via our patent pending Trapdoor proxy technology.  There is no need to install the bank's certificates on our servers, and no need to manage certificates on the end-point since each SmartEdge agent is a self-sufficient cryptographic module.  

And lastly, no matter where the user is located, there is no latency impact from backhauling traffic through a congested third-party cloud proxy. 100% SSL decryption and inspection right on the device. 

Get a free trial of the Bitglass SmartEdge SWG today!






see all