Sherlocked Security – Browser Isolation & Secure Web Gateway (SWG) Setup
Reduce Web-Based Threats and Enforce Secure, Policy-Driven Internet Access Across the Enterprise
1. Statement of Work (SOW)
Service Name: Browser Isolation & SWG Setup
Client Type: Enterprises, Financial Institutions, Healthcare, Government Agencies
Service Model: Advisory, Implementation, Policy Design, and Managed Support
Compliance Alignment: NIST 800-53, ISO/IEC 27001, SWIFT CSCF, HIPAA, CIS Controls
Service Scope Includes:
- Deployment of Remote or Local Browser Isolation technologies
- Design and setup of Secure Web Gateway (SWG) solutions
- URL filtering, content disarm & reconstruction (CDR), and malware sandboxing
- Integration with CASB, DLP, and threat intel feeds
- Policy creation for web access controls, tenant restrictions, and shadow IT prevention
- Performance optimization and user experience tuning
- Incident visibility and integration with SIEM/SOAR platforms
2. Our Approach
[Requirements Gathering] → [SWG/Isolation Strategy Design] → [PoC & Tool Selection] → [Implementation & Policy Tuning] → [Threat Testing] → [Integration & Rollout] → [Training & Handover]
3. Methodology
- Assessment of Web Threat Surface
  - Analyze user behavior, web usage patterns, and malicious URL exposure
- Tool Evaluation & Architecture Design
  - Determine best-fit architecture: remote cloud-based isolation, on-premise SWG, or hybrid
- Policy & Rule Definition
  - Design web usage policies, tenant restrictions, and domain categorizations
- SWG Configuration
  - Set up URL filtering, SSL decryption, content scanning, and user/group-based access rules
- Browser Isolation Deployment
  - Configure pixel-based or DOM mirroring-based isolation layers with appropriate session policies
- Threat Handling Integration
  - Integrate with AV engines, threat intelligence, and sandboxing solutions for high-risk content
- Monitoring & Incident Pipeline
  - Route alerts to SIEM/SOAR for real-time visibility and response automation
4. Deliverables to the Client
- SWG Architecture & Deployment Plan
- Browser Isolation Configuration Blueprint
- Policy Matrix for URL Categories, Roles, and Access Levels
- Threat Simulation & Performance Benchmark Report
- Integration Checklist (SIEM, CASB, DLP)
- End-User Awareness Materials & Admin SOPs
5. What We Need from You (Client Requirements)
- Network Diagram with Proxy or Internet Egress Points
- User Access Policies and Role Definitions
- Existing CASB/DLP/Proxy Tools (if any)
- Web Usage Baseline (URL logs, categories, etc.)
- Directory Integration (AD, LDAP, SAML)
- Access to Security Teams for Policy Validation and Exception Scenarios
6. Tools & Technology Stack
- SWG Platforms:
  - Zscaler, Symantec Web Security, Cisco Umbrella, Forcepoint, McAfee Web Gateway
- Browser Isolation:
  - Menlo Security, Ericom Shield, Cloudflare Zero Trust Browser Isolation, HP Sure Click Enterprise
- Threat & Content Scanning:
  - CDR Engines, Sandboxing (FireEye, Palo Alto WildFire)
- SIEM & CASB Integration:
  - Splunk, Microsoft Sentinel, Netskope, Skyhigh Security, Bitglass
7. Engagement Lifecycle
- Kickoff & Requirements Workshop
- Threat Surface and Usage Pattern Analysis
- Tool Evaluation or Selection (if not pre-decided)
- Policy & Access Control Planning
- Pilot Deployment and User Acceptance Testing
- Full Rollout with Monitoring & Logging Integration
- Training, Documentation, and Optimization
8. Why Sherlocked Security?
Feature | Sherlocked Advantage |
---|---|
End-to-End Web Threat Protection | From browser isolation to URL filtering and SSL decryption |
Zero Trust Web Access | Role-based policies, tenant restrictions, and inline user validation |
Compliance & Shadow IT Control | Integrated with CASB, DLP, and productivity monitoring tools |
Seamless Integration | SIEM, IAM, and incident response compatibility |
User-Aware Policy Tuning | Based on behavioral risk insights and business priorities |
9. Real-World Case Studies
Browser Isolation for Regulated Finance
Client: Investment firm dealing with high-risk user web access
Challenge: Frequent phishing and malware via browser-based vectors
Solution: Deployed remote browser isolation with role-based policies and audit logging
Outcome: Reduced web threat incidents by 80% without impacting productivity
Secure Web Gateway Rollout for Healthcare
Client: Large hospital network with remote staff
Challenge: Inconsistent enforcement of web policies and data leakage risk
Solution: Implemented Zscaler SWG integrated with Microsoft Defender and CASB
Outcome: Enhanced DLP enforcement, prevented access to unsanctioned SaaS, improved audit readiness
10. SOP – Standard Operating Procedure
- Define Web Access Requirements & Risk Profiles
- Deploy SWG in Transparent/Explicit Mode Based on Network Topology
- Set Browser Isolation Parameters for Risky Categories or BYOD Devices
- Integrate with IAM/SSO and CASB for Identity-Aware Policies
- Tune Policies Based on Behavior Analytics and Feedback Loops
- Validate with Threat Simulations and Access Testing
- Train Admins & Provide Policy Exception Workflow
11. Readiness Checklist
1. Pre-Implementation
- [ ] Identify web threat vectors and usage patterns
- [ ] Define user roles and acceptable use policy
- [ ] List existing web access control systems (if any)
- [ ] Review proxy, DNS, and SSL inspection readiness
- [ ] Prepare identity integration setup (AD, SAML, OIDC)
2. During Engagement
- [ ] Deploy SWG policy base and isolation profiles
- [ ] Integrate logging with SIEM and SOAR tools
- [ ] Test access rules across departments and devices
- [ ] Configure CDR, sandboxing, and SSL inspection (if applicable)
- [ ] Validate latency, UX, and policy enforcement effectiveness
3. Post-Implementation
- [ ] Finalize SOPs and exception handling process
- [ ] Conduct awareness sessions for users and admins
- [ ] Monitor for alert noise and false positives
- [ ] Review access logs and iterate policies quarterly
- [ ] Schedule annual threat simulation and policy refresh