¡Únase a nosotros en SASE Summit de Netskope, llegando a una ciudad cerca de usted! Regístrese ahora

  • Servicio de seguridad Productos Edge

    Protéjase contra las amenazas avanzadas y en la nube y salvaguarde los datos en todos los vectores.

  • Borderless SD-WAN

    Proporcione con confianza un acceso seguro y de alto rendimiento a cada usuario remoto, dispositivo, sitio y nube.

  • Plataforma

    Visibilidad inigualable y protección contra amenazas y datos en tiempo real en la nube privada de seguridad más grande del mundo.

La plataforma del futuro es Netskope

Intelligent Security Service Edge (SSE), Cloud Access Security Broker (CASB), Cloud Firewall, Next Generation Secure Web Gateway (SWG) y Private Access for ZTNA integrados de forma nativa en una única solución para ayudar a todas las empresas en su camino hacia el Servicio de acceso seguro Arquitectura perimetral (SASE).

Todos los productos
Vídeo de Netskope
Borderless SD-WAN: el comienzo de la nueva era de la empresa sin fronteras

Netskope Borderless SD-WAN offers an architecture that converges zero trust principles and assured application performance to provide unprecedented secure, high-performance connectivity for every site, cloud, remote user, and IoT device.

Read the article
Borderless SD-WAN
Netskope ofrece una estrategia de seguridad cloud moderna, con capacidades unificadas para los datos y protección frente a amenazas, además de un acceso privado seguro.

Explora nuestra plataforma
Vista aérea de una ciudad metropolitana
Cambie a los servicios de seguridad en la nube líderes del mercado con una latencia mínima y una alta fiabilidad.

Más información sobre NewEdge
Lighted highway through mountainside switchbacks
Habilite de forma segura el uso de aplicaciones de IA generativa con control de acceso a aplicaciones, capacitación de usuarios en tiempo real y la mejor protección de datos de su clase.

Descubra cómo aseguramos el uso generativo de IA
Safely Enable ChatGPT and Generative AI
Soluciones de confianza cero para implementaciones de SSE y SASE

Learn about Zero Trust
Boat driving through open sea
Netskope hace posible un proceso seguro, rápido y con inteligencia cloud para la adopción de los servicios en la nube, las aplicaciones y la infraestructura de nube pública.

Learn about Industry Solutions
Wind turbines along cliffside
  • Nuestros clientes

    Netskope da servicio a más de 2.000 clientes en todo el mundo, entre los que se encuentran más de 25 de las 100 empresas de Fortune

  • Soluciones para clientes

    Le apoyamos en cada paso del camino, garantizando su éxito con Netskope.

  • Formación y certificación

    La formación de Netskope le ayudará a convertirse en un experto en seguridad en la nube.

Ayudamos a nuestros clientes a estar preparados para cualquier situación

Ver nuestros clientes
Woman smiling with glasses looking out window
El talentoso y experimentado equipo de servicios profesionales de Netskope proporciona un enfoque prescriptivo para su exitosa implementación.

Learn about Professional Services
Servicios profesionales de Netskope
Asegure su viaje de transformación digital y aproveche al máximo sus aplicaciones en la nube, web y privadas con la capacitación de Netskope.

Learn about Training and Certifications
Group of young professionals working
  • Recursos

    Obtenga más información sobre cómo Netskope puede ayudarle a proteger su viaje hacia la nube.

  • Blog

    Descubra cómo Netskope permite la transformación de la seguridad y las redes a través del servicio de seguridad (SSE).

  • Eventos & Workshops

    Manténgase a la vanguardia de las últimas tendencias de seguridad y conéctese con sus pares.

  • Seguridad definida

    Todo lo que necesitas saber en nuestra enciclopedia de ciberseguridad.

Podcast Security Visionaries

Episodio de bonificación 2: El cuadrante mágico para SSE y obtener SASE correctamente
Mike y Steve analizan el Gartner® Magic Quadrant™ para Security Service Edge (SSE), el posicionamiento de Netskope y cómo el clima económico actual afectará el viaje de SASE.

Reproducir el pódcast
Episodio de bonificación 2: El cuadrante mágico para SSE y obtener SASE correctamente
Últimos blogs

Cómo Netskope puede habilitar el viaje de Zero Trust y SASE a través de las capacidades del borde del servicio de seguridad (SSE).

Lea el blog
Sunrise and cloudy sky
Gira mundial del día de inmersión en AWS de Netskope 2023

Netskope ha desarrollado una variedad de laboratorios prácticos, talleres, seminarios web detallados y demostraciones para educar y ayudar a los clientes de AWS en el uso y la implementación de los productos de Netskope.

Learn about AWS Immersion Day
Socio de AWS
¿Qué es Security Service Edge (SSE)?

Explore el lado de la seguridad de SASE, el futuro de la red y la protección en la nube.

Learn about Security Service Edge
Four-way roundabout
  • Empresa

    Le ayudamos a mantenerse a la vanguardia de los desafíos de seguridad de la nube, los datos y la red.

  • Por qué Netskope

    La transformación de la nube y el trabajo desde cualquier lugar han cambiado la forma en que debe funcionar la seguridad.

  • Liderazgo

    Nuestro equipo de liderazgo está firmemente comprometido a hacer todo lo necesario para que nuestros clientes tengan éxito.

  • Partners

    Nos asociamos con líderes en seguridad para ayudarlo a asegurar su viaje a la nube.

Apoyar la sostenibilidad a través de la seguridad de los datos

Netskope se enorgullece de participar en Vision 2045: una iniciativa destinada a crear conciencia sobre el papel de la industria privada en la sostenibilidad.

Descubra más
Supporting Sustainability Through Data Security
La más Alta en Ejecución. Más Avanzada en Visión.

Netskope ha sido reconocido como Líder en el Gartner® Magic Quadrant™ de 2023 en SSE.

Obtenga el informe
Netskope ha sido reconocido como Líder en el Gartner® Magic Quadrant™ de 2023 en SSE.
Pensadores, constructores, soñadores, innovadores. Juntos, ofrecemos soluciones de seguridad en la nube de vanguardia para ayudar a nuestros clientes a proteger sus datos y usuarios.

Conozca a nuestro equipo
Group of hikers scaling a snowy mountain
La estrategia de venta centrada en el partner de Netskope permite a nuestros canales maximizar su expansión y rentabilidad y, al mismo tiempo, transformar la seguridad de su empresa.

Learn about Netskope Partners
Group of diverse young professionals smiling

Fishtech Labs’ Jeff Doyle on the Cloud Ramp Framework, The importance of interoperability, and why we should deesign for failure

Jun 01 2016
Etiquetas
Cloud Best Practices
Cloud Security

Below is a casual, informative interview with Jeff Doyle, VP of Research at our partner, Fishtech Labs. For those who don’t know Fishtech, they’re a technology accelerator focused on security and networking and with a lot of expertise in the cloud. Their leadership comprises many of the leaders from Fishnet Security, which you may know merged with Accuvant last year and became Optiv. Fishtech recently released its Certified Cloud Ramp Framework (CRF), of which Netskope is the Cloud Access Security Broker of target technologies facilitating Fishtech’s new cloud migration and operating model. I caught up with Jeff last week to understand his views and thinking behind the CRF.

Jamie: What is Fishtech’s goal with this framework?

Jeff: I think there are a couple of ways to look at this framework. First, our intention was to give customers a proven, tested migration path to the cloud. People talk a lot about migrating to the cloud, and what the business benefits and risks of cloud are, but there’s a real gap in the conversation about how to get there.

We want to help our customers come up with not just a methodology or architecture, but a tested path and integrated operating model. We want to help them ensure that what they’re creating isn’t a snowflake, or one-off architectural approach. The more they custom-build their cloud infrastructure, the more one-off their ongoing operations become. That’s not efficient for anyone. We also want to help them ensure that the architecture they choose is well-vetted against their requirements, in the market, and also in our own labs. This way they know fully what they need, what they’re getting with the components they are choosing, and what to expect from the overall solution.

Moreover, while our customers have a good set of tools for operating in a physical environment, as they move into cloud those tools may not be well suited or are less relevant. Besides helping them identify new gaps based on their business requirements, we want to help them ensure they’re not force-fitting tools into their environment because they solve an immediate need but instead to look at the overall set of tools that work together, are well suited for their needs, and are made for cloud environments.

Getting a little more brass-tacks, we have four goals for addressing our customers’ needs:

  1. Help them achieve operational efficiency with the cloud services they’re using and the way they secure them.
  2. Provide them visibility so they understand their cloud environment, usage, and data.
  3. Enable them to control data sprawl to corral and protect sensitive or regulated data.
  4. Help them build business continuity into their overall model, an overall objective of cloud but one that’s not always thought about in the security context.

Jamie: What are some of the core requirements in your mind as Fishtech came up with this framework?

Jeff: One thing to note about this framework is that we try to steer customers from choosing a single solution in a vacuum and without looking at or thinking about their architecture as a whole. Even if they sequence their technology purchases one at a time, we encourage them to think from an overall architecture point-of-view based on their business requirements and where they’re going. So when they evaluate a particular tool (or we evaluate it on their behalf), besides looking at the goals of the product, does the tool fit the overall architecture. This is key for cloud migration so essential pieces don’t get left behind.

An important part of ensuring this is our own labs. When we say these solutions are vetted or proven, the whole idea is that we’ve taken selected and carefully chosen technology partners like Netskope and looked at not just what the solution does, but how well it works with all of the other elements within an architecture. We’re testing in our lab and even eating our own dog food by using that architecture as Fishtech Labs!

Jamie: What technologies did you select and why?

Jeff: We took a hard look at what was needed for organizations to consume cloud services securely. Those elements include Cloud Access Security Broker (CASB), Single Sign On (SSO), Data Loss Prevention (DLP), endpoint security, micro-segmentation capabilities, network security, next-generation firewall, orchestration, provisioning, software-defined WAN (SDWAN), security information and event management (SIEM), threat detection, and visualization. We also incorporate cloud providers themselves, such as Amazon Web Services and Microsoft Azure.

We chose those technologies based on the kinds of services our customers have, how well they support them as well as interoperate with them, and finally, how well they interoperate with each other. Take, for example, our environment, which looks a lot like those of our cloud-consuming customers. We use Office 365 apps like SharePoint and OneDrive, as well as Salesforce.com for CRM, Citrix GoToMeeting for collaboration, and Paycor for our HR payroll processing. For SSO, we chose the service that best helped us manage secure access to those apps and also worked well with the other vendors, which turned out to be Okta. Similarly, we chose TITUS because of its robust data classification capabilities and because it integrated well with the rest of the vendors we see often. For CASB, Netskope was a good fit because of its deep cloud app activity monitoring and advanced cloud DLP capabilities. Seeing Netskope interoperate with Okta, TITUS, and the other vendors like Splunk, Cyphort, and Microsoft Office 365 solidified our choices.

Simply knowing that these products interoperate because they have forged marketing and business development partnerships is one thing, and certainly not sufficient for us at Fishtech. We really dig in and validate this interoperability in our lab. We want the confidence that you get from this tight-knit community – that we’re all working together toward our customers’ goals.

Beyond verifying interoperability, we also look at how successful these technologies are in the market. For example, on the SDWAN front, Viptella is a big partner of ours. They’ve done tremendously well in large environments where flexibility is needed to support a rich set of use cases. Beyond customer base, security is in our DNA. Security and governance are huge elements of everything we do. We don’t look just at a security solution, but the overall cloud solution and how we do every piece of that securely. We rely heavily on the Cloud Security Alliance (CSA) Cloud Controls Matrix and Security Trust & Assurance Registry (STAR), the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) frameworks, as well as the European Union Agency for Network and Information Security (ENISA) models. If you look at our technology evaluation process, you’ll see that these standards influence our thinking a great deal.

Jamie: Tell us a little bit more about how you evaluate technology.

Jeff: One of big challenges our customers face is verifying what is reality out of a vendor’s solution and what is still slideware. The POC becomes a key piece. That’s one of the services we offer beyond our CRF – an independent analysis of how the solution really works. And we try to get beyond the idea of whether the product works as advertised, but really bang on it to know it really well so we can best advise the customer for how to get the most value out of it. Sometimes we actually do find a product that works really well, but just isn’t a fit given the customer’s business objectives.

Here’s an example: We did a project for a customer in which we evaluated an SDN solution. It was really cool and mostly worked as advertised. But one of the things we uncovered was that it was really immature from an operational perspective. The documentation was non-existent and it wasn’t at all clear how the customer should enable certain features when the product became operational. We had to follow up with the company’s support team, and when we did, it took a while to find the person who had the right answer. Similarly, the product versioning was obscure and releases weren’t well-managed. In short, it was just so immature operationally that we had to give the product a “thumbs’ down” because our customer would not be able to be successful with it given the reality of what they were able to take on operationally.

Where we really shine for our customers is not just defining the “how” of implementing new technology, but the “what” and the “why.” A customer can look at a vendor’s marketing materials, and based on their own plans, figure out how to implement. But they don’t always ask “What are the real benefits to my business?” We often start with the whiteboard and map out the customer’s business objectives. Then we strategize what the overall architecture should be to support those objectives. If our customer is going to spend the money, we want to help them think it through so they’re not moving in the direction of expensive dead-ends. From there, we offer our lab as a vendor-independent place to do POCs and solutions analysis, whether it’s a side-by-side with multiple vendors or simply an in-depth analysis of how the solution will work so the customer knows what to prepare for. And finally, we develop a close partnership with the technologies in our portfolio so we can influence the direction of technologies and have a strong impact in the interoperability and effectiveness of those top technologies on behalf of our customers.

Jamie: Given your networking expertise, what do you look for in network design whether you’re looking at a security technology or otherwise? What do you consider a red flag?

Jeff: I look for overall network design. Is it standardized? Is it something we can replicate over and over again in their environment or, if data center-based, in their data centers. Is the architecture proven in other data centers. For example, is the solution compartmentalized in a pod architecture or spread across multiple datacenters. This can matter a great deal for certain solutions. Next, is it designed to support business goals?

Here’s a big consideration, and something I’ve been working on for a while now: Is it designed for failure? This is huge. So many organizations spend time and money to design on ensuring uptime and high-availability of systems rather than acknowledging that failure will happen and build to ensure that any element can fail and the network still stays up. I think Facebook does a good job of this and has a wonderful reference architecture. I also love Netflix’s Chaos Monkey Program, where failure is not only planned for, it is built into the system…in production! It’s a brilliant forcing function for designing for failure!

Finally, I look for “human-proof” elements in systems. Anywhere from 60-75% of network failures are directly attributable to human error. So one thing I look for is whether the solution abstracts operations from physical access, such as what you’d get in a command line interface (CLI). The operational people should play at the policy orchestration layer using an if-then-else programmatic approach, not in the CLI explicitly telling each system element what to do.

Jamie: How do you see the CRF evolving over time?

Jeff: One thing you can expect us to do more of is help our customers evolve from more of a siloed culture to a DevOps one. It’s not just an organization thing, but a cultural transformation within IT and within organizations. A culture of DevOps came from the idea that it doesn’t work well to have a development organization that hands a product off to an operational organization that implements the product in production, and only THEN does security get involved. Having cross-functional teams involved from day one in software development, security (and other operational best practices) will be implemented along the way, the right way. This way, solutions are developed and deployed much more efficiently and customers can shorten their time to value. It requires a complete cultural change, though. The running joke in our industry is that people develop new protocols and start deploying them, and only then ask, “How do I secure this?” In many cases, security has been viewed as enemy – an inhibitor to innovation. Our goal is to help dispel this idea. As we work more with customers and influence and grow with this way of thinking, so too will our framework evolve with that. We will look more and more through this lens in selecting new technology and vendors and in the services we deliver and how we deliver them.