Just over three years ago, Joe DePalo joined Netskope as Senior Vice President of Platform Engineering. He had most recently led the infrastructure design and build-out at AWS, the world’s largest public cloud, and prior to that, engineering and operations for one of the largest content delivery networks (CDNs) at Limelight Networks. By then CDNs had become a key underpinning of the Internet and to this day remain integral to delivering much of the media, software, and streaming video content that most people take for granted. What interested Joe and his team the most about Netskope was the opportunity to apply their learnings from AWS, Limelight, among other cloud and hyperscale companies, to the unique challenges of better securing Internet and cloud traffic.
Netskope was already on the right track with the investments it had made, for example with its CloudXD™ technology that provided rich context around applications, their operations, different personal versus business instances, user context, device posture, and more. But back in 2018, the number one complaint from Netskope customers was service availability and performance. While Netskope had pioneered real-time, in-line cloud access security broker (CASB) services, its global footprint was just about a half a dozen points of presence, roughly half in the public cloud and half physical servers in co-location facilities. Today, CASB, secure web gateway (SWG), plus Cloud Firewall, and Zero Trust Network Access (ZTNA) are the cornerstone of what analysts call Security Service Edge (SSE), and performance and availability are key requirements.
Thankfully, before SSE had even been coined as an industry acronym, the Platform Engineering team at Netskope realized that to truly deliver cloud security, at scale, with the depth and breadth of capabilities required for the future, the old approach of racking and stacking a mix of servers and vendor boxes and relying on the public cloud alone wouldn’t cut it. Focusing on large, centralized data centers was less important than focusing on the network edge. Accordingly, significant attention was paid to selecting the best locations for positioning compute resources to process and secure traffic. That led to the mission that Joe and his team focused on in the months and years that followed, namely to overcome the limitations of the public internet with a focus on delivering security without performance trade-offs.
This approach encompassed the software and hardware components selected, and ultimately put into the racks deployed into production – all focused on the use-case of cloud security and delivering on SSE. This was paired with the right operational approaches such as leveraging automation for the rapid scale-out of the Netskope infrastructure going forward. This has been discussed at great length in previous blogs, such as “Inside the Netskope NewEdge Data Center Factory.” It also dictated the careful selection of the locations where equipment was situated, what peering relationships were established (for example with the likes of Microsoft, Google, Amazon, Salesforce, among many prominent web/CDN, cloud, and SaaS providers), the selection of premium lowest-latency transit, the ideal Internet Service Provider (ISP) “eyeball networks” to connect with for the broadest possible reach to end-users, as well as the intricacies of routing and traffic engineering. Again, every decision along the way guided by the north star of delivering security and speed–without trade-offs– manifested in NewEdge, the infrastructure that today powers the Netskope Security Cloud Services.
The beginning of NewEdge
In February 2019, the first NewEdge data center was launched in Tokyo, Japan. Knowing the intense focus that Japanese customers put on quality, starting in Japan had its unique challenges. It forced the rigor from day one on the design and implementation of NewEdge that would ultimately be required for Netskope to be successful with the world’s largest enterprise customers. Today, Netskope includes more than 25 of the prestigious Fortune 100 as customers, among thousands of other customers around the world. Over the remainder of 2019, more than a dozen NewEdge data centers were launched across the Americas, Europe, and Asia-Pacific regions.
It was also during this period of time that Netskope made the hard cut-over from its legacy reliance solely on public cloud and appliance-oriented software and hardware stacks deployed in third-party data centers. During this time period, the company also embraced architectural advantages like tapping a single-pass architecture and ensuring every NewEdge data center was the “real thing,” massively overprovisioned, with full compute, all services available, and accessible to every customer (from anywhere in the world, accessing from any device) without surcharges.
In 2020, the world was turned upside down by the COVID-19 pandemic and what will surely go down in history as one of the most disruptive times for humankind. Not only did this upend the traditional ways of doing business, but it also had the interesting side effect of adding fuel to the fire of cloud adoption. This put vendors like Netskope in the crosshairs of every enterprise’s networking and security team as they looked to better extend access to remote workers, secure access to the web, cloud, SaaS, and private applications, and better protect the valuable data, the enterprise’s crown jewel, while simultaneously guarding against threats.
Fortunately, even with all of the radical challenges that 2020 presented, Netskope was able to follow its enterprise customers in their accelerated journey to the cloud and digital transformation. This was precisely due to the approach taken with NewEdge and something that is continuing to pay dividends as the world now struggles with supply-chain issues that further accelerate cloud adoption. While most of the world was locked down and many organizations struggled, Netskope was proudly able to launch 20 data centers during the course of one year, including four in roughly a month across Latin America.
It was also during 2020 when Netskope helped educate customers, as well as key industry influencers, on key considerations so important in their selection of cloud security vendors. This involved not only assessing the features and functions needed for SSE but the equally important underlying infrastructure that powered these services and capabilities. As an example, Netskope highlighted how counting data centers alone didn’t translate into better coverage, since many vendors relied on “fake” or virtual Points of Presence (vPOPs) or had to backhaul their traffic inside their own cloud networks repeating the mistakes learned with traffic “hairpinning” common in legacy enterprise, MPLS-based Wide Area Networks (WANs).
What’s next for NewEdge
Now that 2021 is in the rearview mirror and the first month of 2022 is upon us, it is exciting to report that in 2021–between the roughly 20 newly launched or expanded data centers–Netskope matched the scale-out of the NewEdge infrastructure achieved in 2020. And already for this year, Netskope continues its cadence of aggressive expansion with the most recently launched data center in Querétaro, Mexico, as well as data centers coming online in the coming w