Web Security Gateway UniWSG

A Secure and High-Performance Solution for Web Application Optimization

Contact Now

Product Overview

UniWSG, the Web Security Gateway from Leagsoft, consolidates internet-facing ports of web applications, helping enterprises achieve public network invisibility for their web services. It ensures secure access to business applications without requiring changes to user habits, while effectively defending against common OWASP security threats. In addition, UniWSG offers a comprehensive web traffic analytics platform. By performing multidimensional analysis of business traffic, it generates insightful visualizations of traffic patterns, application usage, and statistical reports on abnormal activities. These capabilities empower customers with valuable data for cost optimization, operational efficiency, and enhanced business decision-making.

Key Capabilities

SPA Single-Packet Authorization (SPA)
Application-Level Secure Tunnel
DLP Data Loss Prevention
Load Balancing
Intrusion Detection and Protection
Business Transaction Analysis
SPA Single-Packet Authorization (SPA)
Utilizes SPA technology to render the internet-facing surface of applications “invisible,” enhancing resilience against attacks and significantly reducing exposure to external threats.
Application-Level Secure Tunnel
Ensures the security of HTTP/HTTPS traffic for web applications through application-level encrypted tunnels. Employs advanced protocol parsing and identity authentication to effectively detect and block malicious requests.
DLP Data Loss Prevention
Delivers robust data loss prevention capabilities, including copy-paste protection, file download restrictions, and watermarking. Provides comprehensive coverage for diverse data security scenarios, ensuring an optimal balance between security and operational efficiency.
Load Balancing
Incorporates intelligent load balancing mechanisms with health checks and compatibility with various mainstream transport protocols. Significantly reduces backend server load and enables high availability across business application server clusters.
Intrusion Detection and Protection
Offers comprehensive security defense against threats such as SQL injection, cross-site scripting (XSS), vulnerability scans, password brute-force attacks, CC and DDoS attacks. Leverages machine learning and automated defense strategies to accurately detect and mitigate malicious traffic.
Business Transaction Analysis
Provides enterprises with data-driven operational insights for business operations, product management, and decision-making. Features transaction volume statistics, call chain tracing, performance monitoring, and anomaly analysis—empowering organizations to enhance operational efficiency, user experience, and precision-driven business strategies through big data capabilities.

Advantages

Clientless Business Stealth Mode
Employs SPA technology to achieve business stealth and single-packet authorization without requiring specialized client software or modifications to existing applications. This significantly reduces the internet-facing attack surface, enhances resilience against threats, and lowers the risk of external attacks.
One-Stop Data-Driven Operations
Delivers comprehensive data services to empower enterprises with one-stop data-driven operations. Features include transaction tracing, performance analysis, issue diagnosis, and user impact assessments, effectively reducing mean time to resolution (MTTR), improving operational efficiency, and enhancing user experience.
Intrusion Detection and Protection
Provides deep visibility into network business traffic, offering detection and defense across Layers 3 to 7 against a wide range of intrusion attacks and policy violations. Ensures robust, comprehensive security protection for business systems.
Integrated Security with Leadsec Products
All Leagsoft security products are self-developed and inherently interoperable, offering seamless integration capabilities. This integrated security ecosystem enables customers to build diverse, tailored solutions to address varying security scenarios and requirements.
Cybersecurity Foundation Operations Center
As a critical component of Leagsoft’s Cybersecurity Foundation Solution, UniWSG integrates with management consoles of other Leadsec security products, enabling unified identity management and single sign-on (SSO). It serves as a unified security gateway for centralized management and operations across the cybersecurity foundation platform.

Key Benefits

  • Seamless Security Without Application Changes

    Unlike traditional security solutions that require integration of security SDKs, UniWSG implements all security measures on the server side, eliminating the need for any client-side modifications. For non-standard business pages, customizable rules enable automatic content replacement, ensuring seamless integration without application redevelopment and significantly reducing operational costs.

  • Unified Business Portal

    Features a built-in clientless portal that integrates seamlessly with internal business applications, IAM, and SSO systems to enable unified single sign-on. The portal’s login interface is fully customizable to accommodate enterprise-specific branding and requirements.

  • Minimized Internet Exposure

    Leverages a Zero Trust model to control and validate all incoming requests, dramatically reducing the risk of information leakage and external attacks.

  • Passwordless Authentication to Prevent Brute-Force Attacks:

    Enables secure passwordless authentication through mechanisms such as mobile app QR code scanning, facial recognition, or fingerprint verification. This approach effectively mitigates risks associated with brute-force attacks, man-in-the-middle attacks, and replay attacks.

  • Ensured High Availability for Business Systems

    Implements intelligent load balancing to manage traffic distribution, preventing direct traffic surges on backend business systems. This ensures high availability and operational stability for critical business applications.

Business Scenarios

Secure Access for Mobile Workforce
In industries such as finance, manufacturing, and government, employees frequently rely on collaboration platforms like DingTalk, WeCom (WeChat Work), and Feishu for mobile work. However, these services often require exposing internet-facing ports, creating significant security risks. UniWSG helps conceal business service ports without disrupting employees’ existing workflows, enabling secure and seamless access for mobile workforces.
Security for Hospital Service Platforms
Hospitals commonly provide convenient services—such as appointment scheduling and payment—via public channels like official WeChat accounts or mini programs. UniWSG helps reduce hospitals’ internet exposure, ensuring secure operation of these services. It also facilitates compliance with regulatory security inspections from health authorities by quickly identifying and resolving security issues, maintaining a stable and secure business environment.
Remote Access Management for Universities
UniWSG supports universities in minimizing the internet exposure of critical systems, such as academic administration platforms and online service portals. This ensures that faculty and students can enjoy the convenience of remote access while significantly reducing security risks and maintaining a stable and secure access environment.
Unified Security Operations for Network Management Domains
As cybersecurity initiatives intensify, internal system management consoles have become prime targets for cyberattacks. Enterprises often face challenges due to the scattered nature of backend addresses across various business systems, security management consoles, and network maintenance platforms, making unified management complex and operationally burdensome. UniWSG enables centralized operations and protection for diverse management backends, significantly improving enterprises’ security management efficiency and defense capabilities.
Remote Access for Overseas Employees
Overseas employees frequently encounter challenges accessing internal corporate web applications due to network restrictions and the inability to install client software. UniWSG offers a convenient remote access solution that requires no client installation. Employees can securely connect to internal applications directly via a web browser, ensuring efficient, secure work experiences for global staff and supporting the enterprise’s worldwide operations.

Main Safety Design

  • Establishes secure sessions based on application fingerprinting or credential verification, ensuring only legitimate connections are permitted

    Guarantees the trustworthiness of business requests through protocol parsing and identity authentication processes

  • Utilizes cloud-based adaptation to intelligently embed digital and vector watermarks

    Provides versatile watermarking capabilities to safeguard enterprise data security.

  • Performs traffic cleansing through in-depth decoding and analysis of web traffic.

    Supports parsing of various common HTTP/HTTPS data submission formats, effectively defending against a wide range of web application attacks and mitigating common OWASP threats.