Jump to
Secure Web Proxy

Secure Web Proxy

Monitor and secure egress web traffic to help protect cloud workloads.

Go to console

  • Proxy traffic from cloud workloads to the internet

  • Restrict outbound traffic to trusted web services

  • Investigate security events and incidents involving egress traffic

Description of the video thumbnail.

VIDEO

Introduction to Secure Web Proxy

4:35

Benefits

Web traffic inspection and protection

Protects cloud workloads from malicious activity by inspecting web traffic, blocking untrusted web services, and logging egress traffic for forensic analysis.

Easy to deploy and manage

Requires no virtual machines (VMs) to set up or configure, and doesn’t require software updates to maintain security. It works out of the box.

Implement zero-trust principles

Helps organizations implement zero-trust principles by default—denying web egress traffic and allowing workloads to access only trusted web services.

Key features

Key features

Granular egress access policies

Secure Web Proxy (Cloud SWP) enables organizations to enforce granular access policies, limiting egress web traffic based on source, identities (secure tags, service accounts), destinations, and requests types (methods, headers, URLs). The URLs in policies can be specified by using lists, wildcards, or patterns.

TLS inspection

Secure Web Proxy offers a scalable TLS inspection service that lets you intercept TLS traffic, inspect the encrypted request, and enforce your policies. Cloud SWP uses Certificate Authority Service (CAS) to generate the certificates used for TLS inspection.

Modular deployment

Secure Web Proxy instances, policies, and URL lists are all modular objects that can be created or reused by distinct administrators. For example, you can deploy multiple Secure Web Proxy instances that all use the same proxy policy.

Carrefour logo
Secure Web Proxy has helped us to improve our security in Google Cloud. We are now able to filter outbound HTTP and HTTPS traffic from our applications. In addition, having a native solution will allow us to replace the VM-based solution we currently have, providing us with cost savings and continuing to deliver on our strategy of replacing products with cloud native services.

Roberto Vega, Cloud analyst, Carrefour

Documentation

Documentation

Tutorial

Secure Web Proxy overview

Get an overview of Secure Web Proxy and how to get started using it in your Google Cloud environment.

Learn more
Quickstart

Secure Web Proxy Evaluation Guide

Use this guide to set up and evaluate Secure Web Proxy in your environment.

Learn more
Tutorial

Prerequisites to use Secure Web Proxy

Learn how to enable the initial setup steps and permissions required to use Secure Web Proxy in your cloud environment.

Learn more
Quickstart

Deploy and test a Secure Web Proxy instance

Follow this step-by-step tutorial on how to create a policy, proxy rules, and deploy a Secure Web Proxy instance.

Learn more
Tutorial

Enabling Transport Layer Security (TLS) inspection

Learn how to configure Secure Web Proxy for TLS inspection using Certificate Authority Service (CAS).

Learn more
Tutorial

How to use tags to create policies

Learn how to use resource manager tags in Secure Web Proxy policies.

Learn more

Not seeing what you’re looking for?

View all product documentation
Release notes
Read about the latest releases for Secure Web Proxy

Use cases

Use cases

Use case
Restrict access to trusted external web services

Secure Web Proxy lets you apply granular access policies to your egress web traffic so that you can secure your network. This allows you to programmatically restrict cloud workload access to only trusted external web services.

Secure Web Proxy Architecture Diagram
Use case
Monitor outbound access and investigate incidents

Secure Web Proxy monitors outbound access and identifies traffic that doesn't conform to policy and logs it to Cloud Logging. This allows you to monitor internet usage, discover threats to your network by spotting command and control (C2C) traffic or anomalous data transfers. Logs can also be used in forensics to investigate security events and incidents involving egress web traffic. 

View all technical guides

Pricing

Secure Web Proxy pricing details

Secure Web Proxy billing is based on two metrics:

   (1) A per gigabyte (GB) charge based on the data processed by Secure Web Proxy.

   (2) A per hour charge for each Secure Web Proxy instance created and running. 

View pricing details

Take the next step

Start building on Google Cloud with $300 in free credits and 20+ always free products.

Get started
Google Cloud
send_spark
    DocsSupport
    • ‪English‬
    • ‪Deutsch‬
    • ‪Español‬
    • ‪Español (Latinoamérica)‬
    • ‪Français‬
    • ‪Indonesia‬
    • ‪Italiano‬
    • ‪Português (Brasil)‬
    • ‪简体中文‬
    • ‪繁體中文‬
    • ‪日本語‬
    • ‪한국어‬
    Console
    Sign in
    Security
    HomeIntel and expertiseSecOpsCloud securitySecurity resources
    Incident Response Assistance
    Contact Us
    • Accelerate your digital transformation
    • Whether your business is early in its journey or well on its way to digital transformation, Google Cloud can help solve your toughest challenges.
    • Google Cloud products
    • Browse over 100 products. New customers get $300 in free credits to run, test, and deploy workloads. All customers can use 25+ products for free, up to monthly usage limits.
    • Save money with our transparent approach to pricing
    • Google Cloud's pay-as-you-go pricing offers automatic savings based on monthly usage and discounted rates for prepaid resources. Contact us today to get a quote.
    Google Cloud