An Introduction To The Safeweb Engine

We estimate that 98% of external information security attacks are carried over the public internet, and that 80% of these attacks are targeted directly at end user browsers using web traffic or malicious URLs.


Our mission is a simple one, we aim to isolate our users from malware and web based threats, allowing them to use the internet without worrying about cyberattacks. We do this in a simple way, by physically isolating your internet activity away from your local machine, in doing so we also physically isolate any of the associated risks that come with using the internet.

tuCloud is the developer of the Safeweb Engine, a proprietary remote browsing platform designed to effectively isolate your users from malware in a secure, cost effective and highly scalable way. The Safeweb Engine was built on the principles of the Safeweb model, a physical isolation cybersecurity model that we first developed in collaboration with National Nuclear Security Administration cybersecurity teams. We were proud to be the first company on the planet to host a large scale remote browsing platform, for thousands of federal government users in high security environments.

We realized earlier than most that virtualization is an inefficient vehicle for handling browsing compute loads and our move away from virtualization and towards containerization means that we need roughly 10x less server infrastructure than our competitors solutions. We also realize that isolation is not enough and so we go a step beyond isolation to first destroy and then rebuild every web page, before it is delivered to the user, providing them with a cleaner and purer internet.

The Safeweb Engine platform allows you to quickly set up and begin protecting your internet users from cyberattack, enabling them to ‘remote browse’ through our secure Safeweb cloud servers and isolating the associated risks away from your networks. We offer the most scalable and cost effective browser isolation platform on the market and we believe that our model and architecture sets us above our competition in ten key ways:

1. No Client Software Required
There is no client side software or plugin required, tuCloud users can simply browse safely after authenticating in a tab. Enterprises can shield all users by configuring browsers to use a standard proxy port via an Active Directory policy.

2. Securely Browse The Internet
Our users can can browse any websites including those that cannot be categorized by secure web gateways without worrying about being attacked by ransomware, phishing sites, XSS attacks, cookie stealing and drive-by download attacks, allowing them to use the internet in a worry free way.

3. Securely Read Emails
Our users can read emails with active contents (html/javascript), the urls embedded inside emails can be automatically redirected into our Safeweb platform, meaning that there is no need to worry about your users being attacked through their email.

4. Total Malware Isolation
We completely and utterly isolate your users from malware, all active contents and scripts are executed on the Safeweb isolation platform and no attacks are ever leaked outside the isolated Safeweb environment, providing isolation peace of mind.

5. Browsing Policy & History
Using our administrative control panel, administrators can easily set up a URL whitelist and/or blacklist policies, all browsing history can also be logged for subsequent security auditing and we can easily integrate into existing user management systems.

6. Multiple Isolation Mechanisms
We isolate effectively at multiple levels to ensure that our users are kept safe from cyber threats. The Safeweb Engine employs rendering isolation, session isolation, process isolation and connection isolation to provide the worlds most secure remote browsing environment.

7. Innovative Rendering Engine
We decided a long time ago that isolation is not enough, so we go a step further and render every web element, before displaying it to the user. Our isolation engine renders website and encodes the rendering results according to the content type, then the client side rendering engine decodes and renders the content to restore the full website experience before delivery to the end user.

8. Container Clustering
The Safeweb Engine is built upon a highly scalable and efficient container based architecture, our compute cluster is based on Docker container model and our isolation engine is packaged and executed as a container, meaning that it’s cost-effective to deploy and operate a Safeweb platform.

9. Grid Distribution/Parallelization
The Safeweb Engine leverages a unique grid distributed infrastructure that does not require any SAN or specialized appliance hardware. Because of our architecture, it is easy and cost effective to stretch cluster additional virtual, cloud and physical servers into the Safeweb grid to expand capacity.

10. API Friendly
We built the Safeweb Engine from the ground up to be API friendly, meaning that it is designed to integrate easily with your existing systems and security tools. Our API rich environment makes it easy for you to tool our service to suit your needs.

It is these ten points above all that set us apart from our competition and they reflect the notion that we have been isolating users from malware longer than most. We provide a fully hosted and fully managed remote browsing solutions hosted out of our EMP proof, ex-government communications bunker, meaning that even if your adversaries launch an nuclear strike on our datacenter facility, we will still keep on delivering services as expected, adhering to our four 9's SLA.

If you are still letting your internet users browse the internet directly from their local machines, then we need to have a serious conversation about enhancing your cybersecurity posture. Let us help you achieve internet peace of mind.

EDITORIAL NOTE: What’s that? You like the things we write? Follow @tuCloud on Twitter for more!

Previous PostA Cybersecurity Horror Story
Next PostAffordable Remote Browsing