The WEBGAP Approach

Written by Guise Bule, Editor at Secjuice

WEBGAP Remote Browser Isolation

Our mission is a simple one, we aim to cost-effectively isolate our users from cyber threats, allowing them to use the internet without worrying about malware infecting them. We do this in a simple way, we physically isolate their browser away from their local machines and in doing so we physically isolate the risks that come with using the internet.


WEBGAP is the developer of the WEBGAP browser isolation engine, a proprietary remote browsing platform designed to effectively isolate your users from malware in a secure, cost effective and highly scalable way. The WEBGAP platform was built on the principles of the Safeweb model, a physical isolation cybersecurity model that the team behind WEBGAP developed in collaboration with National Nuclear Security Administration cybersecurity teams. They were the first team on the planet to host a large scale remote browsing platform, for thousands of federal government users in high security environments.

They realized earlier than most that virtualization is an inefficient vehicle for handling browsing compute loads at scale and their move away from virtualization and towards containerization means that they need roughly 10x less server infrastructure than their competitors solutions. They also realized that isolation alone is not enough and so they go a step beyond isolation to first destroy and then rebuild every web page, before delivering it to the user, providing them with a cleaner and purer internet.

WEBGAP means effective browser isolation for the many and not for the few.

WEBGAP allows you to quickly set up and begin protecting your internet users from cyberattack, enabling them to ‘remote browse’ through secure WEBGAP cloud servers and isolate cyber risks away from your internal networks. They offer the most scalable and cost effective browser isolation platform on the market and I believe that their model and architecture sets them above our competition in ten key ways:

1. No Client Software Required
There is no client side software or plugin required, WEBGAP users can simply browse safely after authenticating in a browser tab. If you have a large amount of users, enterprises can send out a group policy that configures your local browsers to push traffic through the WEBGAP proxy via Active Directory.

2. Securely Browse The Internet
WEBGAP users can can browse any websites including those that cannot be categorized by secure web gateways without worrying about being attacked by ransomware, phishing sites, XSS attacks, cookie stealing and drive-by download attacks, allowing them to use the internet in a risk free way.

3. Securely Read Emails
WEBGAP users can read emails with active content (html/javascript) and the urls embedded inside emails can be automatically redirected into WEBGAP, meaning that there is no need to worry about users being attacked through their email. For email peace of mind, put a WEBGAP between your users and the malware.

4. Total Malware Isolation
WEBGAP effectively isolates its users from malware, all active contents and scripts are executed on the WEBGAP isolation platform, the original webpages never leave WEBGAP servers and no attacks are ever leaked outside the isolated WEBGAP environment, providing confidence that cyber risks are safely isolated.

5. Browsing Policy & History
Using our control panel, administrators can easily set up a URL whitelist and/or blacklist policies, all browsing history can also be logged for subsequent security auditing and we can easily integrate into existing user management systems. Its easy to manage your users internet browsing activity with WEBGAP.

6. Multiple Isolation Mechanisms
WEBGAP isolates effectively at multiple levels to ensure our users are kept safe from web based cyber threats. WEBGAP browser isolation employs rendering isolation, session isolation, process isolation and connection isolation to provide the worlds most secure remote browsing environment.

7. Website Pre-Rendering
WEBGAP realized that physical isolation is not enough, so they go a step further by destroying and then rebuilding every web page, stripping it of potentially malicious code, before displaying it to their users. WEBGAP pre-renders web pages and re-encodes them, rendering the results according to content type, before then rebuilding the webpage into pure, uncontaminated, HTML for delivery to the end user.

8. Container Clustering
The WEBGAP Engine is built upon a highly scalable and efficient containerization based architecture, our compute cluster is based on the containerization model and our isolation engine is packaged and executed as a container, meaning that it’s cost-effective to deploy and operate WEBGAP on commodity servers.

9. Distributed Architecture
The WEBGAP Engine leverages a unique distributed infrastructure that does not require any SAN or specialized appliance hardware. Because of our architecture, it is easy and cost effective to stretch cluster additional virtual, cloud and physical servers into the WEBGAP grid to expand capacity. Scale out, not up!

10. API Friendly
We built the WEBGAP Engine from the ground up to be API friendly, meaning that it is designed to integrate easily with your existing systems and security tools. Our API rich environment makes it easy for you to tool our service to suit your needs and pull out the data you need, for monitoring and management purposes.

It is these ten points that set WEBGAP apart and reflect the fact that they have been isolating users from malware longer than most. WEBGAP provides a fully hosted and fully managed remote browser platform hosted in an EMP proof, ex-military communications bunker, meaning that even if your adversaries launch an EMP/nuclear strike on their datacenter facility, WEBGAP will still keep on delivering services as expected.

If you are still letting your internet users browse the internet directly from their local machines, then you need to have a serious conversation with WEBGAP about enhancing your cybersecurity posture. Let them help you achieve internet peace of mind with their remote browser platform.

Like the things we write? Follow @WEBGAP on Twitter for more!