TMWS provides a flexible solution to safeguard your organization's office network and also protect your employees when they are outside your corporate network, that is, roaming users whose web traffic is not forwarded from recognized Internet gateways of your organization.
TMWS can work as a cloud proxy, an on-premises proxy, or a combination of both. It comes with two types of gateway deployment to protect your office network: virtual gateway and on-premises gateway, which you can determine based on the information security requirements and actual network environment of your organization.
An on-premises gateway is a software appliance deployed within your network. Once installed and configured, it acts as an on-premises proxy to inspect users' HTTP or HTTPS requests forwarded to it before each request can go out from your Internet gateways, and perform content control when web traffic goes out from and comes back to the user.
A virtual gateway is associated with a group of your organization's Internet gateways. Once added and configured, it identifies the specified Internet gateways and leverages the cloud proxy to inspect users' HTTP or HTTPS requests forwarded from these gateways before each request can go to the destination website, and perform content control when web traffic goes out from and comes back to the user.
To use a virtual gateway, make sure that each of your Internet gateway has a fixed range of public IP addresses.
For roaming users, their web traffic is forwarded to the TMWS cloud proxy. TMWS authenticates them first by requesting their authentication credentials to verify their identity.
Deploying an on-premises gateway enables you to handle users' HTTP or HTTPS requests with a low latency, apply more user authentication methods, configure bandwidth throttling for granular control, and keeps user traffic and raw logs local for data privacy concerns. Deploying a virtual gateway lets you reduce the effort on network infrastructure maintenance and operational tasks while focusing on strategic security by leveraging the sophisticated policy and administrative capabilities provided by TMWS. Determine a deployment solution that best suits the network security needs of your organization.
TMWS provides a cloud-based centralized management console, where you can add and manage your virtual and on-premises gateways, configure access and security policies, view users' web activities and logs, perform role-based access control, and so on.