How it Works

The Netskope Active Platform can be deployed 100 percent in the cloud, as an on-premises appliance, or via a hybrid configuration that includes both.

Netskope

Platform Overview

The Netskope Active Platform can be deployed 100 percent in the cloud, as an on-premises appliance, or via a hybrid configuration that includes both. Once you get access to your Netskope cloud tenant, cloud traffic is then steered for inspection using Netskope’s patented all-mode traffic steering technology that provides several out-of-band and inline options ensuring that you get 100% coverage for users on-premises, mobile, and remote and whether they are using a browser, mobile app, desktop app or sync client to access sanctioned or unsanctioned cloud services. SSL-encrypted cloud traffic is safely decrypted using Netskope’s cloud-scale architecture as part of the traffic steering process.

Getting access to the cloud traffic is only the first step, using patented technology, the Netskope Context Engine enables you to see real-time cloud activity details in context. By mapping out the API interactions of billions of transactions across tens of thousands of apps, the Netskope Context Engine has built the intelligence you need to go beyond wondering what byte movements represent. This allows you to understand risky behavior and take action to protect sensitive data, stop online threats, and respond to incidents immediately and thoroughly.

Unique Capabilities

Advanced, Enterprise DLP

Traditional DLP tools are built for on-premises, perimeter-based protection that has very little understanding of the context of cloud applications. But with the explosion of cloud, new DLP tools like Netskope help address data that goes beyond the perimeter.

Netskope covers all cloud traffic, from mobile apps, sync clients, and native apps to off-premises devices, allowing you to inspect all traffic for potential DLP violations.

With Netskope, you have comprehensive cloud DLP that uses industry-standard content inspection incorporating 3,000+ data identifiers for various geographies and languages, more than 500 file types, with the added benefit of support for language agnostic double-byte characters, custom regular expressions, exact match, proximity analysis, and document fingerprinting. Reduce your false positives with our industry-leading DLP and integrate with your on-premises DLP tools to continue leveraging your existing investments. And combined with end-to-end incident management capabilities and automated workflows, you’ll be set in protecting your sensitive data, whether it’s in transit to the cloud or already resident in your sanctioned cloud services.

Architected for Any Use Case

Netskope is architected to cover all cloud security use cases in a comprehensive manner. Flexibility starts with the option of being deployed as a 100 percent cloud service, as an on-premises appliance, or in a hybrid manner that includes both. Netskope is the only vendor with an all-mode architecture that supports all ways enterprises steer traffic to the Netskope cloud for visibility and control. Our customers are in production across every deployment architecture offered in the market today, including log-based discovery, API introspection, inline as a reverse proxy, inline as a forward proxy with or without agents or mobile profiles, in secure TAP mode, and in proxy-chaining mode. We have abstracted our analytics and policy enforcement engine from our deployment options, which allows customers to add to their deployments quickly and with minimal disruption. Netskope can easily add new apps in our modular data plane with no impact to the rest of the platform.

Granular Policies for All Apps

Netskope sees and decodes all cloud traffic, not just sanctioned browser traffic like most CASBs. Our patented, all-mode architecture gives you visibility and control over sanctioned and unsanctioned apps whether users are on a web browser, mobile app, or sync client. When nine out of 10 of your cloud apps are unsanctioned, visibility and control are critical!

Now combine that full visibility with granular policy controls. Rather than take a sledgehammer approach by always blocking cloud apps, use the Netskope Context Engine as your scalpel. Identify risky activities and their context, such as sharing outside of the organization or downloading confidential data to a BYO device, and block or throttle those instead. Choose from policy outcomes such as “block,” “alert,” “bypass,” “encrypt,” “quarantine,” and “coach” to match the appropriate enforcement to each policy violation.

For sanctioned services like Microsoft Office 365, Box, and G Suite, Netskope provides full-spectrum governance across user, app, device, location, activity, and content. Enforce policies such as “Coach users when they attempt to download personally identifiable information (PII) from any HR app to a mobile device,” and more. For unsanctioned apps, Netskope provides visibility and control at the app, app instance, or category level with “set-it-once” policies like “Block the download of PII to all mobile devices.”

Cloud Threat Protection

Although the cloud makes it easy for you to collaborate and share, these same capabilities make the cloud an attractive target for attackers trying to spread malware and carry out other malicious activity. Netskope is the only CASB with comprehensive, advanced threat protection for cloud services, combining a unique cloud vantage point with multi-layered threat detection and remediation capabilities. Netskope sees cloud traffic that other security solutions cannot, such as that in sync clients, mobile apps, and SSL-encrypted cloud services, opening your eyes to threats hiding in plain sight in your popular cloud services.

Backed by Netskope Threat Research Labs, a dedicated team focused on the discovery and analysis of new cloud threats, drawing from 40+ threat intelligence sources, and using advanced machine learning technology, Netskope provides multiple layers of threat detection and a range of remediation options to address new cloud threats, which too often evade existing security solutions.

Architectural Advantage

Flexible Deployment Options

Netskope offers the industry’s only all-mode architecture that supports any use case. This starts with the option of being deployed 100 percent in the cloud, as an on-premises appliance, or via a hybrid configuration that includes both. When it comes to traffic steering, Netskope supports every possible out-of-band and inline mode, including forward and reverse proxy, secure TAP, API, and log-based discovery. These modes are often used in parallel to cover customers’ multiple use cases.

Learn more
Netskope Context Engine

The Netskope Context Engine enables you to see real-time cloud activity details in context. By mapping out the API interactions of billions of transactions across tens of thousands of apps, the Netskope Context Engine has built the intelligence you need to go beyond wondering what byte movements represent. This allows you to understand risky behavior and take action to protect sensitive data, stop online threats, and respond to incidents immediately and thoroughly.

Learn more
Cloud Scale Architecture

Netskope has built its infrastructure and software architecture at cloud scale. Unlike traditional security solutions that are limited by the compute, storage and I/O that is available in a physical appliance, our cloud-scale platform has virtually infinite resources that can be applied to solve customer problems. The Netskope cloud-scale security platform enables you to implement our cloud security service throughout your global environment without impacting user experience.

Learn more
Technology Integrations

Leverage your existing investment in technologies such as firewalls and proxies, on-premises DLP, SIEM, IAM, MDM, data classification, endpoint protection, sandboxing, and more to enable a comprehensive cloud security solution. Netskope provides out-of-the-box integrations in addition to a REST API that enable custom and expanded integration capabilities.

Learn more