Netskope Integrates Targeted RBI Within SASE Architecture

There is the marketing of secure access service edge (SASE), and then there is the actual integration of key capabilities that provide the benefits of less complexity, consolidation, and lower cost of operations a properly implemented SASE architecture provides. The integration of remote browser isolation (RBI) into the Netskope Security Cloud is another milestone in how Netskope is leading the way for the SASE journey, enabling Zero Trust, and helping enterprises embrace digital transformation projects. 

Most RBI deployments involve forward proxy chaining configurations between siloed solutions, sometimes in different public cloud infrastructures where SLAs and health monitoring may vary.  This configuration often includes specific certificates, allowing unique URLs, and extra policy configuration steps. If there are issues, then you have two separate solutions and perhaps multiple vendors involved, further complicating resolution. 

There are other impacts of siloed solutions for RBI deployments including unique threat protection and DLP defenses. While your forward proxy is inspecting web and cloud traffic using the known threat and data protection defenses you have configured, any web traffic forward-proxy-chained to a unique RBI solution may traverse an entirely different set of threat and data protection defenses. This means administrators face multiple management consoles, policy engines, configurations, and locations for alerts to investigate. 

Netskope simplifies the use of RBI for desired websites by using an “isolate” policy action within its secure cloud, providing one platform, one console, and one policy engine to make administration easy. With the complexity of forward proxy chaining configurations removed, you have one vendor, one set of threat and data defenses, and one place to investigate alerts. Netskope inline inspection with decrypting TLS includes user traffic for web, managed SaaS, shadow IT apps, public cloud services, and public-facing custom apps in the public cloud. That means all five lanes of user traffic in one SASE solution, with fully integrated defenses including RBI.

One of the most popular use cases for RBI is pixel rendering of risky websites, which often includes uncategorized sites, security risk-rated sites, newly registered domains, and parked domains. You can allow users to safely visit these websites or a custom list of URLs with RBI knowing the execution of a user’s browsing session is within a dedicated, isolated, and ephemeral remote air-gapped browsing environment. The inflight rendering of web pages into pixel streaming means no active content reaches the endpoint hardware or browser, protecting company assets from any malware and zero-day targeted attacks carried in web content.

This innovative RBI integration invoked with one simple policy command sets the foundation to leverage isolation capabilities across the rest of Netskope SASE components including Next Gen SWG, CASB, and ZTNA. 

Netskope developed its RBI product for the Netskope platform by leveraging the isolation and security expertise and domain knowledge of a team focused on RBI since 2015 when they founded their company Randed. The acquisition of Randed also extended Netskope’s expanding presence in Europe by adding a new development center in Spain.

Join Netskope for “Unpacking updates to the Netskope SASE and Zero Trust Platform” on September 16, 2021, when you’ll learn where Netskope fits into the SASE architecture, an overview of the new and updated Netskope products, and how the benefits of these products mean better security, faster performance, and lower total cost of ownership.