Product Documentation

Secure Web Gateway Analytics

A Citrix Secure Web Gateway (SWG) appliance at the edge of the enterprise network acts as an internet proxy. The appliance can operate in transparent proxy mode or explicit proxy mode and offers controls to intercept internet traffic, including HTTPS. A decision to intercept, bypass, or block any requests is made based on the policies configured on the appliance. A user is authenticated before logging on to the enterprise network. All requests and responses are tagged to the user and the user activities are logged in the appliance. For more information, see Citrix Secure Web Gateway.

When you integrate the Citrix Application Delivery Management (ADM) with a Citrix SWG appliance, the logged user activity and the subsequent records on the appliance are exported to Citrix ADM by using logstream. Citrix ADM collates and presents information on the activities of users, such as, websites visited and the bandwidth spent. It also reports bandwidth use and detected threats, such as malware and phishing sites. You can use these key metrics to monitor your network and take corrective actions with the Citrix SWG appliance.

To integrate a Citrix SWG appliance with Citrix ADM:

  1. On the Citrix SWG Appliance, while configuring the Secure Web Gateway, enable Analytics and provide the details of the Citrix ADM instance that you want to use for analytics.

  2. In Citrix ADM, add the Citrix SWG appliance as an instance to Citrix ADM. For more information see, Add Instances to Citrix ADM.

Secure Web Gateway Analytics

In this article