Symantec Secure Web Gateway OS

Basic Information

Broadcom Symantec Secure Web Gateway OS, often referred to as Symantec Edge SWG or SGOS, is the operating system powering Broadcom's Secure Web Gateway solutions. It is designed to provide comprehensive web security for enterprise environments. The asset is available across various models, including dedicated hardware appliances (SSP-S210, SSP-S410, SSP-620-10 series) and Virtual Appliances (SWG VA).

• Model: Symantec Secure Web Gateway (SWG), Symantec Edge SWG, SGOS (Operating System). Hardware models include SSP-S210, SSP-S410, SSP-620-10, and Virtual Appliances.
• Version: Latest Long-Term Release (LTR) is SGOS 7.4. SGOS 7.3 was a previous LTR.
• Release Date: SGOS 7.4 was generally available on July 8, 2023. The SSP series hardware appliances were introduced in 2020.
• Minimum Requirements: For Cloud SWG, an x86 or x86-64 compatible processor, 100 MB of available hard disk space, and a high-speed internet connection are required. For Virtual Appliances, requirements range from 1 to 16 CPU cores, 4 GB to 128 GB RAM, 1 to 8 virtual drives, and 100 GB to 800 GB disk capacity, depending on the license.
• Supported Operating Systems: The asset itself is an operating system (SGOS). It runs on Symantec's dedicated hardware appliances and is supported on virtualized platforms such as VMware ESX and ESXi (versions 5.x and 6.x), KVM, and public cloud environments including AWS, Azure, and Google Cloud.
• Latest Stable Version: SGOS 7.4 is the current Long-Term Release (LTR), considered the most stable version.
• End of Support Date: SGOS 6.7 reached End of Support on December 31, 2023. SGOS 7.3 End of Maintenance (EOM) has been set and is superseded by SGOS 7.4 LTR. Long-Term Releases typically receive support for a minimum of 3 years from designation or 2 years after EOM notification.
• End of Life Date: SGOS 6.7 reached End of Life on December 31, 2023. The End of Life announcement date for SGOS 7.3 is December 31, 2024, with customers having two years from this date to upgrade to SGOS 7.4 LTR. Older versions like SWG 5.0.2.8 reached End of Life in 2015 and End of Support Life in 2019.
• Auto-update Expiration Date: Not explicitly specified; updates are generally available through normal support channels.
• License Type: Enterprise subscription licensing is available, often based on CPU core count for on-premises and virtual deployments, or per-user annual pricing for Web Protection and Network Protection licenses. Trial and permanent licenses are also offered for hardware platforms.
• Deployment Model: Flexible deployment options include on-premises (dedicated hardware appliances or virtual appliances), cloud-based (SaaS hosted service, public cloud platforms), or hybrid configurations.

Technical Requirements

Broadcom Symantec Secure Web Gateway OS operates on purpose-built hardware and virtualized environments, with specifications varying by deployment model and license capacity.

• RAM: Virtual Appliances require 4 GB to 128 GB, depending on the license. SSP hardware models offer configurations with 64 GB, 96 GB, 384 GB, or 1 TB of DDR4/DDR5 SDRAM.
• Processor: Virtual Appliances support 1 to 16 CPU cores based on license. Cloud SWG requires x86 or x86-64 compatible processors. SSP hardware features processors such as a 1x16 core 2.0 GHz C3958 Atom or 2x10 core 2.2 GHz 4210 Cascade Lake.
• Storage: Cloud SWG requires 100 MB for software and logging. Virtual Appliances need 100 GB to 800 GB disk capacity. SSP hardware includes SSD storage ranging from 2x960 GB to 4x3.84 TB U.2 NVMe SSDs, with boot drives of 2x64 GB SATA or 2x128 GB M.2 NVMe SSD.
• Display: Not a direct requirement for the OS itself, but a standard display is necessary for accessing the management console.
• Ports: Network interfaces include data ports (e.g., 4-port 1GbE Copper, 2x2-port 10GbE Copper with bypass) and management ports (e.g., 1x1GbE Copper, 1x1GbE Aux).
• Operating System: The asset is SGOS, a proprietary operating system. It is designed to run on Symantec's dedicated SSP hardware platforms or as a virtual appliance on hypervisors like VMware ESX/ESXi and KVM.

Analysis of Technical Requirements

The technical requirements for Broadcom Symantec Secure Web Gateway OS are highly scalable and flexible, catering to diverse enterprise needs. The distinction between virtual appliance and dedicated hardware specifications allows organizations to choose between cost-effective, flexible virtualization and high-performance, purpose-built appliances. The virtual appliance options provide agility for rapid deployment and disaster recovery, while the SSP hardware offers robust performance for demanding environments. The specified processor, RAM, and storage configurations are typical for enterprise-grade security solutions, ensuring efficient processing of web traffic and security functions. The network interface options support various network speeds and configurations, critical for seamless integration into existing infrastructures.

Support & Compatibility

Broadcom Symantec Secure Web Gateway OS maintains compatibility with various deployment models and offers structured support policies.

• Latest Version: SGOS 7.4 is the latest Long-Term Release (LTR).
• OS Support: SGOS is designed to run on Symantec's dedicated SSP hardware appliances and is compatible with virtualized environments, specifically VMware ESX/ESXi (versions 5.x and 6.x) and KVM. It also supports deployment in public cloud infrastructures such as AWS, Azure, and Google Cloud.
• End of Support Date: SGOS 6.7 reached its End of Support on December 31, 2023. SGOS 7.3's End of Maintenance (EOM) has been declared, with SGOS 7.4 LTR as its replacement. Long-Term Releases (LTRs) are supported for a minimum of 3 years from their designation or 2 years following EOM notification, while Standard Releases are supported for a minimum of 1 year after EOM notification.
• Localization: Specific localization details are not extensively documented, but as an enterprise product, it is expected to support multiple languages for its management interfaces and documentation.
• Available Drivers: As an embedded operating system for an appliance, SGOS includes its own integrated drivers for the supported hardware. External driver installation is generally not applicable.

Analysis of Overall Support & Compatibility Status

The overall support and compatibility status is robust, particularly with the emphasis on Long-Term Releases (LTRs) like SGOS 7.4. Broadcom provides clear End of Life and End of Support policies, which are crucial for enterprise planning. The broad compatibility with both dedicated hardware and leading virtualization platforms (VMware, KVM) and major public cloud providers (AWS, Azure, Google Cloud) offers significant deployment flexibility. This allows organizations to integrate the Secure Web Gateway into diverse IT infrastructures, supporting both on-premises and cloud-first strategies. The structured release cycle with LTRs ensures stability and long-term viability for critical deployments.

Security Status

Broadcom Symantec Secure Web Gateway OS incorporates a comprehensive suite of security features to protect against web-based threats, backed by certifications and robust authentication mechanisms.

• Security Features: Includes real-time threat detection and prevention, advanced content filtering, Data Loss Prevention (DLP), multi-engine malware scanning, encrypted traffic inspection (SSL/TLS 1.3 decryption and re-encryption), granular URL filtering, web isolation (remote browser isolation), Cloud Access Security Broker (CASB) services, dynamic sandboxing, Zero Trust Network Access (ZTNA) capabilities, and policy-based traffic management. It leverages the Symantec Global Intelligence Network (GIN) for threat intelligence.
• Known Vulnerabilities: An OS command injection vulnerability was identified and fixed in SWG 5.2.2 (2014). An unpatched vulnerability (Hoaxcalls botnet) was exploited in the End-of-Life version 5.0.2.8, which reached EOL in 2015 and EOSL in 2019.
• Blacklist Status: Utilizes URL filtering and threat intelligence from the Symantec Global Intelligence Network to identify and block access to malicious websites and URLs.
• Certifications: The cloud infrastructure is ISO27001 and SSAE-16 SOC3 certified. Long-Term Releases (LTRs) are designed to be FIPS/CC certified. SGOS v7.4 holds NDcPP v2.2e certification.
• Encryption Support: Supports comprehensive SSL/TLS 1.3 decryption and re-encryption, employing secure CAs with Symantec PKI hosted Root and Intermediate CAs, or customer-provided PKI. It performs Server Certificate Authority validation with revocation checking and inspects encrypted traffic for data leaks.
• Authentication Methods: Supports integration with Windows Active Directory (AD) without requiring modifications, and SAML v2 (Post and Redirect bindings) for user authentication.
• General Recommendations: Users should consistently update to the latest stable software versions, implement network and host-based intrusion detection systems, adopt a multi-layered security strategy, and ensure that the management interface is not exposed externally.

Analysis on the Overall Security Rating

The overall security rating for Broadcom Symantec Secure Web Gateway OS is strong, particularly for currently supported versions. It offers a comprehensive array of advanced security features, including deep content inspection, encrypted traffic visibility, and integration with a global threat intelligence network. The product's certifications (ISO27001, SOC3, NDcPP) underscore its commitment to security standards. However, the history of vulnerabilities in older, unsupported versions highlights the critical importance of maintaining current software versions and adhering to upgrade recommendations. The robust authentication methods and general security recommendations provided by Broadcom are essential for maintaining a secure posture.

Performance & Benchmarks

The Broadcom Symantec Secure Web Gateway OS, especially on newer hardware, focuses on delivering high performance for demanding enterprise environments.

• Benchmark Scores: Specific numerical benchmark scores are not publicly detailed, but new hardware platforms are noted for "significantly higher performance."
• Real-world Performance Metrics: New hardware appliances can achieve up to 5 Gbps of throughput, even with 90% SSL encrypted web traffic. Performance is enhanced through advanced content peering and TCP connection acceleration, leading to increased throughput and improved user experience.
• Power Consumption: For the SSP-S210-10 model, maximum power consumption is 300W. For SSP-S410-20B/40B models, it is 1200W.
• Carbon Footprint: Specific data on carbon footprint is not publicly available.
• Comparison with Similar Assets: Symantec Secure Web Gateway is ranked #30 among top Web Security Gateways on PeerSpot, with an average user rating of 6.6 out of 10. It is commonly compared to solutions like Fortinet FortiGate and Cisco Umbrella. The new hardware allows for environmental consolidation, potentially reducing costs associated with management, power, cooling, and physical space.

Analysis of the Overall Performance Status

The overall performance status of Broadcom Symantec Secure Web Gateway OS is characterized by high throughput capabilities, especially with the latest hardware. The ability to handle significant volumes of SSL-encrypted traffic at multi-gigabit speeds is a critical advantage in today's web environment. While specific benchmark numbers are not widely published, the focus on performance improvements in new hardware and architectural enhancements like TCP connection acceleration indicates a strong commitment to maintaining competitive performance. The consolidation benefits offered by higher-performing appliances also translate into operational efficiencies and cost savings.

User Reviews & Feedback

User reviews and feedback for Broadcom Symantec Secure Web Gateway highlight several strengths and weaknesses, along with recommended use cases.

• Strengths: Users praise its ease of use, user-friendly graphical user interface (GUI), and effective cloud-based reporting for enhanced visibility. Key features like endpoint security, ICAP capability, URL filtering, website blocking, and SSL interception are highly valued. The product is noted for its ease of management, straightforward deployment, and effective threat handling. Users appreciate its real-time threat protection, comprehensive policy-based traffic management, and deployment flexibility (on-premises, cloud, hybrid). It provides strong protection against web threats, offers good visibility into blocked content, and is effective for cloud security and data protection.
• Weaknesses: Some users report inconsistencies in user interfaces and licensing following Broadcom's acquisition. Occasional blocking of legitimate URLs is mentioned, though requests to unblock are manageable. Feedback suggests that reporting capabilities could be improved, with reports sometimes installed on VMware Virtual Appliances rather than a central appliance. Concerns include increased costs, the data center struggling to handle most traffic, and the potential for protection to be circumvented by VPN usage. Hardware performance issues or slowness have also been noted for virtual appliance deployments.
• Recommended Use Cases: The asset is recommended for safeguarding sensitive data and ensuring regulatory compliance, particularly in sectors like finance, healthcare, and education. It is widely used for applying URL policies related to cloud security, data protection, and SSL. Organizations deploy it to protect applications from various threats and phishing attempts, and to secure remote access for users.

Summary

The Broadcom Symantec Secure Web Gateway OS is a robust and highly flexible enterprise web security solution, designed to protect organizations from the evolving threat landscape. Its core strength lies in its comprehensive suite of security features, including advanced malware detection, encrypted traffic inspection (TLS 1.3), data loss prevention, and integration with the extensive Symantec Global Intelligence Network. The platform offers significant deployment flexibility, supporting dedicated hardware appliances, virtualized environments, and various public cloud infrastructures, allowing organizations to tailor their security posture to their specific needs and transition at their own pace.

Key strengths highlighted by users and product information include its ease of use, effective management, and strong real-time threat protection capabilities. The latest Long-Term Releases, such as SGOS 7.4, ensure stability and long-term support, backed by certifications like ISO27001, SOC3, and NDcPP. Performance on newer hardware is notably high, capable of handling multi-gigabit encrypted traffic, which is crucial for modern web environments.

However, some weaknesses exist, particularly concerning user interface and licensing consistency post-acquisition, and occasional reports of performance issues with virtual appliances or limitations in reporting. The history of vulnerabilities in older, unsupported versions underscores the critical need for timely upgrades and adherence to Broadcom's End of Life policies.

Overall, the Broadcom Symantec Secure Web Gateway OS is a powerful solution for enterprises requiring advanced web security, granular policy enforcement, and flexible deployment options. It is particularly well-suited for organizations in regulated industries or those with complex hybrid cloud environments. To maximize its benefits, users should prioritize staying on the latest stable versions, leveraging its comprehensive feature set, and integrating it effectively within their broader security architecture. The information provided is based on publicly available data and may vary depending on specific device configurations; for up-to-date information, please consult official manufacturer resources.