How exactly does a secure web gateway (SWG) work, step by step?

Looking for a step-by-step breakdown of the exact process that occurs when visiting a website through a SWG (such as Microsoft Entra Internet Access or Cloudflare’s SWG).

For example:

1. User types a URL in the browser’s address bar and hits enter.

2. What happens next? Does the DNS query happen first, and then the request is channeled through the SWG? Or does the SWG handle the DNS query? (and therefore the device’s DNS servers are bypassed?)

And so on and so forth.

In essence, I’m trying to get a better understanding of what others on the same network might see when you’re using a SWG compared to NOT using one (since SWGs are a standard component of any SSE/SASE solution, which is all about zero trust, assuming breach, etc.).
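The flow asked about above, worked through as an added example (this is not code from the thread or from any vendor's product). It models the explicit-proxy style of SWG, where the browser is configured to send an HTTP CONNECT to the gateway: the browser never resolves the destination itself, the gateway resolves it, applies policy, and only then opens the tunnel. Tunnel-based clients (the agent-based deployments of the products named in the question) differ in transport, but the shape of what a sniffer on the coffee-shop Wi-Fi sees is the same: every connection goes to the SSE edge. The gateway name `swg.example.net`, the blocked-category suffixes, the "port 443 only" rule and the `X-Reason` header are all constructed for the example.

```python
"""What an on-path observer sees with and without a secure web gateway.

Added example, not from the thread. Models an explicit HTTPS proxy (CONNECT)
deployment; all hostnames and policy entries below are constructed.
"""
from typing import Optional
from urllib.parse import urlsplit

# Constructed policy for the hypothetical gateway: domain suffixes in a
# blocked category. Real SWGs use vendor URL-category feeds, not a tuple.
BLOCKED_SUFFIXES = ("malware.example", "gambling.example")


def client_connect_request(url: str) -> bytes:
    """Build what a browser configured for an explicit proxy sends first.

    The browser hands the hostname (not an IP) to the proxy inside the CONNECT
    target, so the device's own DNS resolver is never asked about the site.
    """
    parts = urlsplit(url)
    if parts.hostname is None:
        raise ValueError("URL has no host")
    port = parts.port or (443 if parts.scheme == "https" else 80)
    target = f"{parts.hostname}:{port}"
    return f"CONNECT {target} HTTP/1.1\r\nHost: {target}\r\n\r\n".encode("ascii")


def parse_connect(raw: bytes) -> tuple:
    """Gateway-side parse of a CONNECT request; returns (host, port).

    Anything that is not a well-formed CONNECT is rejected, so a malformed
    request cannot be turned into a tunnel to an arbitrary target.
    """
    head, sep, _ = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete request head")
    request_line = head.decode("ascii").split("\r\n")[0]
    try:
        method, target, version = request_line.split(" ")
    except ValueError:
        raise ValueError("malformed request line") from None
    if method != "CONNECT" or version not in ("HTTP/1.1", "HTTP/1.0"):
        raise ValueError("not a CONNECT request")
    host, colon, port_str = target.rpartition(":")
    if not colon or not host or not port_str.isdigit():
        raise ValueError("CONNECT target must be host:port")
    port = int(port_str)
    if not 0 < port < 65536:
        raise ValueError("port out of range")
    return host.lower().rstrip("."), port


def gateway_decision(host: str, port: int) -> bytes:
    """Apply policy the way the gateway would before opening the tunnel."""
    if port != 443:
        # Constructed rule: only TLS tunnels are allowed through CONNECT.
        return b"HTTP/1.1 403 Forbidden\r\nX-Reason: port-not-allowed\r\n\r\n"
    if any(host == s or host.endswith("." + s) for s in BLOCKED_SUFFIXES):
        return b"HTTP/1.1 403 Forbidden\r\nX-Reason: category-blocked\r\n\r\n"
    return b"HTTP/1.1 200 Connection established\r\n\r\n"


def visit(url: str, swg_host: Optional[str] = None, proxy_tls: bool = True) -> dict:
    """Return what someone sniffing the local network can see for this visit.

    swg_host=None models no gateway. With a gateway, proxy_tls=True models an
    HTTPS proxy (TLS to the gateway); proxy_tls=False shows why a plain HTTP
    proxy leaks the hostname on hostile Wi-Fi even though policy still applies.
    """
    dest = urlsplit(url).hostname
    if swg_host is None:
        return {
            "local_dns_query": dest,        # device resolver sees the real site
            "tcp_destination": dest,
            "tls_sni": dest,                # ClientHello SNI is cleartext
            "hostname_visible_on_lan": True,
            "gateway_response": None,
        }
    req = client_connect_request(url)
    host, port = parse_connect(req)         # the gateway, not the device, resolves this
    resp = gateway_decision(host, port)
    return {
        "local_dns_query": swg_host,        # only the gateway's name is resolved locally
        "tcp_destination": swg_host,
        "tls_sni": swg_host if proxy_tls else dest,
        "hostname_visible_on_lan": not proxy_tls,  # CONNECT line is cleartext otherwise
        "gateway_response": resp.split(b"\r\n")[0].decode("ascii"),
    }


if __name__ == "__main__":
    for args in (("https://www.contoso.example/mail",),
                 ("https://www.contoso.example/mail", "swg.example.net"),
                 ("https://cdn.malware.example/payload", "swg.example.net"),
                 ("https://www.contoso.example/mail", "swg.example.net", False)):
        print(args, "->", visit(*args))
```

The two things to take from the output: with the gateway in place the local resolver and any sniffer only ever see `swg.example.net`, and the policy decision (the 403 for the blocked category) happens before any packet reaches the destination. The `proxy_tls=False` case is the caveat: if the client-to-gateway leg is not itself TLS, the CONNECT line and the inner SNI are readable on the LAN, which is why the "secure" in SWG depends on that leg being encrypted.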

What Is a Secure Web Gateway (SWG)? - Palo Alto Networks.

Thanks for this, but I think I’m still missing something very basic about SWGs. Please explain like I’m five… When Microsoft announced Global Secure Access (their SSE solution), the main headline was “No more VPNs!” I do understand how ZTNA replaces the need for a VPN (and improves upon it) when remotely accessing on-prem data. The part I’m not understanding is how a SWG protects you when accessing cloud data from, say, Starbucks. Normally, people would use a VPN to encrypt traffic, but if I understand correctly, a SWG doesn’t do that. To clarify, I do understand the value of a SWG in general, but why is “no more VPNs” the sentiment?

Please explain like I’m five…

But you are not 5, you are an adult or at least someone capable of using a computer.

ZTNA replaces the need for a VPN

ZTNA does not replace VPN. ZTNA is a VPN with fancy L4-L7 functions, that’s it.

SWG protects you when accessing cloud data from, say, Starbucks.

Because your traffic goes through the L7 appliance and is inspected and analyzed, as well as by the XDR on your client performing SSL MitM to spot potentially harmful traffic or content.

It’s not, that’s marketing. SWG imho is a cloud-hosted FW. While you can use proxies to replace VPNs (see Google BeyondCorp), that approach has massive drawbacks (see chat in /r/zerotrust on Google saying as much - https://www.reddit.com/r/zerotrust/comments/1bfb7od/thoughts_on_googles_beyondcorp_and_the_long_tail/). Replacing VPNs completely with ZTNA requires an overlay network imho - which a SWG does not provide.

Got it, thank you. I definitely feel like I’m 5 sometimes when trying to understand this stuff!