F5 BIG-IP Secure Web Gateway Services
Delivers Insight and Control of Inbound and Outbound Web Traffic

Because F5 products occupy the strategic point of control in the network, F5 Networks is uniquely positioned to help organizations secure their users with high-capacity, high-performance web security on the same platforms those organizations use for application delivery control.

The F5 Difference

What makes F5 Secure Web Gateway Services different from traditional forward proxies? There are five major differences, and these differences are critical to understanding the ability of the F5 solution to complete a web-security reference architecture.

  • Integrated malware detection
    Traditional forward-proxy solutions perform similar URL filtering but require an additional appliance or set of devices to perform malware detection. The Secure Web Gateway Services solution integrates this functionality into the same platform.
  • Scale and performance
    The reference architecture for Secure Web Gateway Services delivers a much higher scalability factor than traditional forward proxies. This enables fewer devices to handle web security and lowers CapEx for the enterprise.
  • SSL interception
    The increased use of SSL in all organizations requires a means to intercept and inspect outbound SSL connections. Traditional solutions often involve an F5 Application Delivery Controller (ADC) to perform this functionality. Incorporating Secure Web Gateway Services into the main ADC platform achieves consolidation gains.
  • Federated single sign-on
    The F5 solution is the only one on the market today that integrates federated single sign-on (SSO). This mature F5 technology enables an organization to create a captive portal page for authenticating users each morning and then to provide SSO for the remainder of the day, enhancing the user experience and saving precious time.
  • Consolidation of security services
    All of these outbound security services are available on every F5 platform, as are the inbound security features. This means that consolidation for both inbound and outbound access and security is available at the strategic point of control in the network.

These differences enable F5 Secure Web Gateway Services to provide a compelling architecture for both web security and application security.

Understanding Explicit and Transparent Proxies

F5 Secure Web Gateway Services can automatically function as a transparent forward proxy for all user requests flowing through it to the Internet. When the solution is used this way, administrators do not have to make changes to each device’s settings or to group policy to be able to intercept user sessions.

Secure Web Gateway Services also can function as an explicit proxy. Unlike transparent proxy mode, the explicit forward proxy mode requires administrators to explicitly define the outgoing forward proxy for each of the target devices (and users) on the network. While this sounds like more administration work, organizations have found that there are significant, tangible security benefits associated with explicit proxy mode.

Secure Web Gateway Services automatically creates auto-configuration files in either WPAD or PAC format. Alternatively, the settings for the explicit proxy can be pushed out via group policy or another enterprise management solution.
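
To show what an explicit-proxy auto-configuration file contains, here is a hand-written PAC example (added here, not generated by or taken from the F5 product). The proxy address, port, and internal zone are constructed placeholders; the file fails closed and matches internal names on a label boundary.

```javascript
// Constructed values (assumptions, not from the page): proxy listener and internal zone.
var SWG_PROXY = "PROXY swg.corp.example:3128";
var INTERNAL_ZONES = ["corp.example"];

// True when host equals the zone or is a subdomain of it, matched on a label
// boundary so that "evilcorp.example" does not pass as "corp.example".
function inZone(host, zone) {
  if (host === zone) return true;
  var suffix = "." + zone;
  return host.length > suffix.length &&
         host.slice(host.length - suffix.length) === suffix;
}

function isInternalHost(host) {
  var h = String(host).toLowerCase().replace(/\.$/, ""); // drop trailing root dot
  if (h === "localhost" || h === "127.0.0.1") return true;
  // Unqualified intranet name; IPv6 literals also lack dots, so exclude ":".
  if (h.indexOf(".") === -1 && h.indexOf(":") === -1) return true;
  for (var i = 0; i < INTERNAL_ZONES.length; i++) {
    if (inZone(h, INTERNAL_ZONES[i])) return true;
  }
  return false;
}

// Entry point that every PAC consumer calls for each request.
function FindProxyForURL(url, host) {
  if (isInternalHost(host)) return "DIRECT";
  // No "; DIRECT" fallback: if the gateway is unreachable the request fails
  // instead of silently leaving the network uninspected.
  return SWG_PROXY;
}
```

Written with plain string operations rather than the browser-supplied PAC helper functions, the same file can be checked outside a browser before it is published to clients.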

How F5 Customers Use Secure Web Gateway Services

The Secure Web Gateway Services reference architecture anticipates four typical customer scenarios. These scenarios are not mutually exclusive and, in fact, are usually collocated.

  • Context-aware security
    Secure Web Gateway Services secures users in the familiar corporate environment.
  • Bandwidth control
    The F5 solution can limit bandwidth consumption by media content type and thus influence user behavior.
  • Acceptable use policy presentation
    Secure Web Gateway Services helps organizations provide network access for visiting users while deferring much of the associated liability by requiring acceptance of an acceptable use policy.
  • Compliance
    Payment Card Industry (PCI) guidelines associated with security for credit card numbers require that servers within a cardholder data environment (CDE) use a forward proxy to access update servers across the Internet.

