close
close
Your Network of Tomorrow
Your Network of Tomorrow
Plan your path toward a faster, more secure, and more resilient network designed for the applications and users that you support.
          Experience Netskope
          Get Hands-on With the Netskope Platform
          Here's your chance to experience the Netskope One single-cloud platform first-hand. Sign up for self-paced, hands-on labs, join us for monthly live product demos, take a free test drive of Netskope Private Access, or join us for a live, instructor-led workshops.
            A Leader in SSE. Now a Leader in Single-Vendor SASE.
            A Leader in SSE. Now a Leader in Single-Vendor SASE.
            Netskope debuts as a Leader in the Gartner® Magic Quadrant™ for Single-Vendor SASE
              Securing Generative AI for Dummies
              Securing Generative AI for Dummies
              Learn how your organization can balance the innovative potential of generative AI with robust data security practices.
                Modern data loss prevention (DLP) for Dummies eBook
                Modern Data Loss Prevention (DLP) for Dummies
                Get tips and tricks for transitioning to a cloud-delivered DLP.
                  Modern SD-WAN for SASE Dummies Book
                  Modern SD-WAN for SASE Dummies
                  Stop playing catch up with your networking architecture
                    Understanding where the risk lies
                    Advanced Analytics transforms the way security operations teams apply data-driven insights to implement better policies. With Advanced Analytics, you can identify trends, zero in on areas of concern and use the data to take action.
                        The 6 Most Compelling Use Cases for Complete Legacy VPN Replacement
                        The 6 Most Compelling Use Cases for Complete Legacy VPN Replacement
                        Netskope One Private Access is the only solution that allows you to retire your VPN for good.
                          Colgate-Palmolive Safeguards its "Intellectual Property” with Smart and Adaptable Data Protection
                          Colgate-Palmolive Safeguards its "Intellectual Property” with Smart and Adaptable Data Protection
                            Netskope GovCloud
                            Netskope achieves FedRAMP High Authorization
                            Choose Netskope GovCloud to accelerate your agency’s transformation.
                              Let's Do Great Things Together
                              Netskope’s partner-centric go-to-market strategy enables our partners to maximize their growth and profitability while transforming enterprise security.
                                Netskope solutions
                                Netskope Cloud Exchange
                                Netskope Cloud Exchange (CE) provides customers with powerful integration tools to leverage investments across their security posture.
                                  Netskope Technical Support
                                  Netskope Technical Support
                                  Our qualified support engineers are located worldwide and have diverse backgrounds in cloud security, networking, virtualization, content delivery, and software development, ensuring timely and quality technical assistance
                                    Netskope video
                                    Netskope Training
                                    Netskope training will help you become a cloud security expert. We are here to help you secure your digital transformation journey and make the most of your cloud, web, and private applications.

                                      The Right Steps to SASE: Place Core Inspection Points Between Users and Apps

                                      Jun 03 2021

                                      The following is an excerpt from Netskope’s recent book Designing a SASE Architecture for Dummies. This is the third in a series of seven posts detailing a set of incremental steps for implementing a well-functioning SASE architecture.

                                      With a Next Generation Secure Web Gateway (NG-SWG) firmly in place and your visibility into all your traffic dramatically increased, one thing is certain: You may not like what you see next.

                                      Are your people using Microsoft Office 365? Salesforce? Workday? Box? The answer is almost certainly, yes. But how big and how mature is that cloud environment beyond your security perimeter and outside of what you can easily see? Just how much of your organization’s data is running around out there, unchecked?

                                      For the first time, your organization will be aware of just how at-risk it has been. You’ll see the flow of data, some of which may be particularly sensitive, among unsecured sites, services, and apps.

                                      Now you have a truthful, and likely worrying, picture of where your organization stands with respect to its dependence on the cloud environment. So many apps and services, so few effective security controls. Until now.

                                      As we explain throughout Designing a SASE Architecture for Dummies, NG-SWG establishes a single-pass, funnel-like, core inspection point for all your traffic in the cloud and in the data center. That core inspection point is better than your old perimeter — way, way better.

                                      Remember, whether it’s the result of Shadow IT that’s been knowingly ignored or a more deliberate process of business digitalization, your old and outmoded security systems have been blind to the details. By replacing old SWG and similar appliances, you’ll finally have complete visibility into who’s using non-enterprise-grade applications/services, and what enterprise data is being sent “out there” beyond your control. NG-SWG and its new inspection points in the cloud let you see what’s going on inside all that traffic, as shown in the table below, managed software as a service (SaaS), Shadow IT apps, public cloud services, and custom apps in the public cloud.

                                      Out with the OldIn with NG-SWGNetskope NG-SWG Integrates with . . .
                                      Legacy SWG — only yes/no to web traffic.Deep inspection of all traffic: web, managed SaaS, shadow IT apps, public cloud services, and custom apps in the public cloud.Single sign-on solution (SSO)
                                      Secure Sockets Layer (SSL) appliance.SSL/Transport Layer Security (TLS) decryption is performed in the cloud at cloud-scale with no appliances required.
                                      Legacy cloud access security broker (CASB) monitors only managed apps that provided application programming interfaces (APIs).Monitors managed apps plus the unmanaged apps that don’t offer APIs; also sees what data is being used with apps, services, and websites.

                                      If you’d like to read the complete Designing a SASE Architecture for Dummies book, you can download a complimentary copy here!

                                      author image
                                      Chad Berndtson
                                      Chad Berndtson is global head of content and communications at Netskope. He joined the team in 2020 following several years building successful content, communications, and social media teams at Palo Alto Networks, Tanium, and Fortinet. Earlier in his career, Chad was a technology journalist focused on networking, security, and other IT topics at the dawn of the cloud era.
                                      Chad Berndtson is global head of content and communications at Netskope. He joined the team in 2020 following several years building successful content, communications, and social media teams at Palo Alto Networks, Tanium, and Fortinet. Earlier in his career, Chad was a technology journalist focused on networking, security, and other…

                                      Stay informed!

                                      Subscribe for the latest from the Netskope Blog