Security Controls in the US Enterprise: Secure Web Gateway (Secure Web Gateway)

Security Controls in the US Enterprise: Secure Web Gateway (Secure Web Gateway)


Jason Pappalexis, John Whetstone, Will Fisher, Mike Spanbauer



While perimeter-based security devices can no longer protect all of an organization’s assets, they are still valuable tools. Secure web gateways (SWGs), for example, control and protect on-premises users and applications through features such as policy-based URL filtering, anti-malware capabilities, and bandwidth throttling. In addition to scanning unencrypted web traffic (HTTP), SWGs can—when deployed in full proxy mode—decrypt, scan, and re-encrypt HTTPS traffic.

Enterprises that wish to make changes to their security architectures will often rely on insight from their peers. This brief presents results from NSS Labs’ 2017 Enterprise Security Architecture Study, which included survey responses from 510 information security professionals representing 50 US industries.



  • Product scope, alternatives, deployment, and purchase authority
  • Metrics on product use within the enterprise
  • Who manages secure web gateway technologies? (breakdown by organization size)
  • Who uses API controls? (breakdown by organization size)
  • Enterprise challenges



Part of a series on security controls deployed by US enterprises, this brief includes current usage statistics for secure web gateways (SWGs) within small and medium-sized enterprises (SMEs), large enterprises (LEs), and very large enterprises (VLEs).

As with all NSS Labs group tests, there was no fee for participation. All testing was conducted independently and was not paid for by any vendor.