閉める
閉める
明日に向けたネットワーク
明日に向けたネットワーク
サポートするアプリケーションとユーザー向けに設計された、より高速で、より安全で、回復力のあるネットワークへの道を計画します。
          Netskopeを体験しませんか?
          Netskopeプラットフォームを実際に体験する
          Netskope Oneのシングルクラウドプラットフォームを直接体験するチャンスです。自分のペースで進められるハンズオンラボにサインアップしたり、毎月のライブ製品デモに参加したり、Netskope Private Accessの無料試乗に参加したり、インストラクター主導のライブワークショップに参加したりできます。
            SSEのリーダー。 現在、シングルベンダーSASEのリーダーです。
            SSEのリーダー。 現在、シングルベンダーSASEのリーダーです。
            Netskope、2024年ガートナー、シングルベンダーSASEのマジック・クアドラントでリーダーの1社の位置付けと評価された理由をご確認ください。
              ダミーのためのジェネレーティブAIの保護
              ダミーのためのジェネレーティブAIの保護
              ジェネレーティブ AI の革新的な可能性と堅牢なデータ セキュリティ プラクティスのバランスを取る方法をご覧ください。
                ダミーのための最新のデータ損失防止(DLP)eBook
                最新の情報漏えい対策(DLP)for Dummies
                クラウド配信型 DLP に移行するためのヒントとコツをご紹介します。
                  SASEダミーのための最新のSD-WAN ブック
                  SASEダミーのための最新のSD-WAN
                  遊ぶのをやめる ネットワークアーキテクチャに追いつく
                    リスクがどこにあるかを理解する
                    Advanced Analytics は、セキュリティ運用チームがデータ主導のインサイトを適用してより優れたポリシーを実装する方法を変革します。 Advanced Analyticsを使用すると、傾向を特定し、懸念事項に的を絞って、データを使用してアクションを実行できます。
                        レガシーVPNを完全に置き換えるための6つの最も説得力のあるユースケース
                        レガシーVPNを完全に置き換えるための6つの最も説得力のあるユースケース
                        Netskope One Private Accessは、VPNを永久に廃止できる唯一のソリューションです。
                          Colgate-Palmoliveは、スマートで適応性のあるデータ保護により「知的財産」を保護します
                          Colgate-Palmoliveは、スマートで適応性のあるデータ保護により「知的財産」を保護します
                            Netskope GovCloud
                            NetskopeがFedRAMPの高認証を達成
                            政府機関の変革を加速するには、Netskope GovCloud を選択してください。
                              一緒に素晴らしいことをしましょう
                              Netskopeのパートナー中心の市場開拓戦略により、パートナーは企業のセキュリティを変革しながら、成長と収益性を最大化できます。
                                Netskopeソリューション
                                Netskope Cloud Exchange
                                Netskope Cloud Exchange(CE)は、セキュリティ体制全体で投資を活用するための強力な統合ツールをお客様に提供します。
                                  Netskopeテクニカルサポート
                                  Netskopeテクニカルサポート
                                  クラウドセキュリティ、ネットワーキング、仮想化、コンテンツ配信、ソフトウェア開発など、多様なバックグラウンドを持つ全世界にいる有資格のサポートエンジニアが、タイムリーで質の高い技術支援を行っています。
                                    Netskopeの動画
                                    Netskopeトレーニング
                                    Netskopeのトレーニングは、クラウドセキュリティのエキスパートになるためのステップアップに活用できます。Netskopeは、お客様のデジタルトランスフォーメーションの取り組みにおける安全確保、そしてクラウド、Web、プライベートアプリケーションを最大限に活用するためのお手伝いをいたします。

                                      Announcing Security Service Edge (SSE) for Dummies, the Industry’s First SSE Book!

                                      Jan 13 2022

                                      Security Service Edge (SSE) describes the evolving security stack crucial to a Secure Access Service Edge (SASE) journey, with core platform requirements that include CASB, SWG, and ZTNA capabilities. SASE is an architecture—really, a long-term journey that will change how we all think about security and networking. But SSE, as part of SASE, is a set of cloud-delivered security services you can acquire and make the most of today.

                                      Still, it can be difficult to separate clear, advice-driven information about SSE from what’s becoming an avalanche of industry buzz and marketing around both SSE and SASE. That’s why we’re so excited to release Netskope’s new book, Security Service Edge (SSE) for Dummies, the first SSE resource of its kind. True to the world-famous Dummies series it now joins, this book is intended to be your practical, no-B.S. explainer for SSE, its importance relevant to concepts like SASE, Zero Trust, and secure digital transformation, and fundamentally, how to build and deliver SSE capabilities.

                                      Below is an excerpt. You can grab your free copy of Security Service Edge (SSE) for Dummies here. Enjoy!

                                      Successful implementation of SASE and SSE is much more than swapping out technology. Zero Trust changes some basic assumptions about how security works. In the on-premises, network-based model, the assumption is that the network is secure and we must verify a person’s identity before granting access. So, we trust the network and verify the user. The typical paradigm granted the person access to everything or nothing—“allow” or “block” were the only choices. 

                                      Zero Trust changes this model as follows: 

                                      • When a person requests access, that request is evaluated in the context of several conditions. Identity is one of them, but the system also considers where the person is, the time of day, the device, the type of network connection, and many other variables.
                                      • The application to which the person is being connected is also part of that context. 
                                      • The desired service level is also an important factor. Is this a life-or-death use of an application or a video game played for fun? 
                                      • How the network path is protected may change based on the application being used. If someone is accessing their personal email account, an ordinary Internet connection is used, with Transport Layer Security (TLS) protection negotiated between their email server and email client. If a doctor is accessing patient records, a secure, encrypted, and authenticated path is established, regardless of the capabilities of the underlying network or application. 

                                      Based on this context, the confidence level of the person’s session is determined, and the person may be trusted either a little bit or a lot. A person requesting access at an unusual time from an unusual location to a highly-sensitive application (an instance of a low confidence level) likely will encounter a multi-step authentication process. The access granted may be limited to a small set of data and functions, and then in a read-only mode. A worker who’s accessing at their customary time from a secure location (an instance of a high confidence level) may get full access to all data and application capabilities. 

                                      Consider this example of a doctor accessing electronic health records via SSE that illustrates Zero Trust principles at work in SSE and how SSE helps bring Zero Trust principles to life: 

                                      • A doctor is carrying a facility-owned tablet as they treat a patient in the hospital. Based on the doctor’s identity, location, device, and other factors, the SSE determines it is safe to give the doctor full access to the patient’s records. 
                                      • The doctor walks across the street for a cup of coffee. They pop open a personal laptop, connect to the shop’s network, and try to access patient records. The SSE recognizes the doctor but identifies that the hospital does not own the laptop and that the laptop is on an unknown network. The doctor is allowed to view and comment on the records but can’t alter the data. 
                                      • The doctor is eating dinner at home; alerted to a crisis, they log their child out of Minecraft to use the family PC to access the patient’s records. The SSE recognizes that this computer is less secure than the hospital’s tablet. Instead of denying access, the SSE provides a series of prompts that enable the doctor to verify their identity further and frame the nature of the reason they need access. The SSE then provides the doctor with a secure set of resources to respond to the emergency —for example, inside an isolated browser session under control of the SSE. 

                                      Within network security, you often hear the term Zero Trust Network Access (ZTNA). ZTNA is an excellent choice for augmenting your virtual private network (VPN) to accommodate more remote access scenarios. With ZTNA, users don’t receive access to an entire portion of a network that could allow connections to many services. Instead, ZTNA grants the worker a connection only to the application they’re seeking to use and—as shown in our doctor story—only the minimum access needed to perform the task at hand.

                                      Implementing SSE using Zero Trust principles shrinks the attack surface and is far more data-driven, thus greatly improving the overall security posture. The level of risk presented by a person, an application, or a website undergoes continuous reevaluation. Security is adapting in real time based on changes in context. 

                                      If we take a closer look at this model and how it functions in the most advanced form, some important ideas emerge that can guide our efforts, among them:

                                      • Context
                                      • Least privilege
                                      • Risk scoring
                                      • Resource concealment
                                      • Continuous adaptive trust

                                      Get your copy of Security Service Edge (SSE) for Dummies to learn about all of these concepts in detail.

                                      author image
                                      Chad Berndtson
                                      Chad Berndtson is global head of content and communications at Netskope. He joined the team in 2020 following several years building successful content, communications, and social media teams at Palo Alto Networks, Tanium, and Fortinet. Earlier in his career, Chad was a technology journalist focused on networking, security, and other IT topics at the dawn of the cloud era.
                                      Chad Berndtson is global head of content and communications at Netskope. He joined the team in 2020 following several years building successful content, communications, and social media teams at Palo Alto Networks, Tanium, and Fortinet. Earlier in his career, Chad was a technology journalist focused on networking, security, and other…

                                      Stay informed!

                                      Subscribe for the latest from the Netskope Blog