fechar
fechar
Sua Rede do Amanhã
Sua Rede do Amanhã
Planeje seu caminho rumo a uma rede mais rápida, segura e resiliente projetada para os aplicativos e usuários aos quais você oferece suporte.
          Experimente a Netskope
          Get Hands-on With the Netskope Platform
          Here's your chance to experience the Netskope One single-cloud platform first-hand. Sign up for self-paced, hands-on labs, join us for monthly live product demos, take a free test drive of Netskope Private Access, or join us for a live, instructor-led workshops.
            Líder em SSE. Agora é líder em SASE de fornecedor único.
            Líder em SSE. Agora é líder em SASE de fornecedor único.
            A Netskope estreia como líder no Quadrante Mágico™ do Gartner® para Single-Vendor SASE
              Protegendo a IA generativa para leigos
              Protegendo a IA generativa para leigos
              Learn how your organization can balance the innovative potential of generative AI with robust data security practices.
                Modern data loss prevention (DLP) for Dummies eBook
                Prevenção Contra Perda de Dados (DLP) Moderna para Leigos
                Get tips and tricks for transitioning to a cloud-delivered DLP.
                  Livro SD-WAN moderno para SASE Dummies
                  Modern SD-WAN for SASE Dummies
                  Pare de brincar com sua arquitetura de rede
                    Compreendendo onde estão os riscos
                    Advanced Analytics transforms the way security operations teams apply data-driven insights to implement better policies. With Advanced Analytics, you can identify trends, zero in on areas of concern and use the data to take action.
                        Os 6 casos de uso mais atraentes para substituição completa de VPN herdada
                        Os 6 casos de uso mais atraentes para substituição completa de VPN herdada
                        Netskope One Private Access is the only solution that allows you to retire your VPN for good.
                          A Colgate-Palmolive protege sua “propriedade intelectual "” com proteção de dados inteligente e adaptável
                          A Colgate-Palmolive protege sua “propriedade intelectual "” com proteção de dados inteligente e adaptável
                            Netskope GovCloud
                            Netskope obtém alta autorização do FedRAMP
                            Escolha o Netskope GovCloud para acelerar a transformação de sua agência.
                              Let's Do Great Things Together
                              A estratégia de comercialização da Netskope, focada em Parcerias, permite que nossos Parceiros maximizem seu crescimento e lucratividade enquanto transformam a segurança corporativa.
                                Netskope solutions
                                Netskope Cloud Exchange
                                Netskope Cloud Exchange (CE) provides customers with powerful integration tools to leverage investments across their security posture.
                                  Suporte Técnico Netskope
                                  Suporte Técnico Netskope
                                  Nossos engenheiros de suporte qualificados estão localizados em todo o mundo e têm diversas experiências em segurança de nuvem, rede, virtualização, fornecimento de conteúdo e desenvolvimento de software, garantindo assistência técnica de qualidade e em tempo hábil.
                                    Vídeo da Netskope
                                    Treinamento Netskope
                                    Os treinamentos da Netskope vão ajudar você a ser um especialista em segurança na nuvem. Conte conosco para ajudá-lo a proteger a sua jornada de transformação digital e aproveitar ao máximo as suas aplicações na nuvem, na web e privadas.

                                      Explaining the Importance of Netskope’s Recent Expansion of NewEdge in the UK

                                      Apr 11 2023

                                      Over the past few weeks, our UK team has been very excited about the expansion of our NewEdge infrastructure, specifically the addition of a new data centre in London. Knowing that this was the fourth data centre in the UK, I cornered our EMEA CISO Neil Thacker, and our new UK public sector lead Tim Parkins, to find out what all the fuss was about. 

                                      Emily:  Can you explain to me, why is this fourth data centre in the UK so exciting? I read this blog post about NewEdge which told me that “understanding coverage isn’t just about counting data centres”… so what’s so cool about this one? 

                                      Neil: Our NewEdge infrastructure includes two different types of data centres, Data Planes (DPs) and Management Planes (MPs). You are right that we already have three Data Planes in the UK—two in London and one in Manchester, all “full compute” locations with the full stack of our security services available.  These Data Planes handle our UK customers’ data traffic within the UK jurisdiction. But up until a month ago, we relied on European or rest-of-world data centres to provide the Management Plane.

                                      Emily: OK, so this is the first UK Management Plane. Remembering that I do not have an engineering background, can you explain the difference?

                                      Neil: Our Data Planes are the data centres through which our customers’ traffic traverses. They are where the traffic processing and security controls are applied. We locate Data Planes as close to our users and their office locations as possible, so our service can be as fast and low latency as possible. These Data Planes also have extensive interconnections and peering – remember we directly peer with Microsoft, Google, AWS, Salesforce, Akamai…all the major SaaS companies…in every location possible in order to optimise traffic from the Data Plane to the user’s ultimate destination for the best possible user and application experience.

                                      If Data Planes process the actual traffic, then you can think of the Management Planes as the place where the administration of the customer’s tenant and Netskope services happens. Management Planes host the Netskope Admin UI, so this is where users get configured, policies are defined and it’s also where sensitive metadata and logs are stored. The Management Planes are also where Netskope’s out-of-band, API-based services and complementary solutions get delivered from (I won’t list those, but we are able to be really clear with customers about what goes where in our infrastructure, which is really important so customers can make informed decisions about what they use).

                                      Emily: That makes sense (thank you for keeping it simple for me). So—given we have loads of customers in the UK, and only Data Planes over here until recently—presumably our service works just fine for UK customers when using any of our global Management Planes? 

                                      Neil: Sure it does, and we have hundreds of customers that can attest to this fact. But for some customers, especially those in highly regulated industries such as finance, government, or healthcare, data sovereignty and jurisdiction requirements encourage additional levels of geographic control over their data. For most organisations, a local Data Plane is sufficient to comply with all necessary laws and regulations about protecting and securing sensitive data. We designed our platform for “data minimisation” or “privacy by design.” Technical approaches like only storing transaction logs (not the original data file) and policies around data retention in the MP (wherever it resides), are typically good enough for the vast majority of organisations’ regulatory requirements and preferences. But not all….

                                      Emily: Who are we talking about—who has more specific jurisdiction requirements?

                                      Tim: For starters, UK public sector organisations. Or those who supply UK government departments and have to comply with the more stringent data supply chain guidelines that are a condition of those contracts. 

                                      Neil: Certain sectors can impose commercial terms restricting data transfers. This is typically based on relevant sector guidance (rather than laws) or general perceptions in relation to personal data that leaves the UK.  A couple of good examples are the UK National Health Service’s NHS and Social Care Data: Off-shoring and the Use of Public Cloud Services Guidance and the Financial Conduct Authority’s Guidance for Firms Outsourcing to the Cloud and Other Third Party IT Services. In each instance, there is room for commercial interpretation which can sometimes lead to interpretations that data residency is optimal.

                                      And it is also a consideration for any industry that might have specific laws around, for instance, export controls. We work with a large British defence supplier and the UK has laws around the export of both products and data which mean they prefer to be able to demonstrate that everything we are doing for them is happening on British soil. 

                                      Tim: The new NewEdge data centre in London is the final piece in the puzzle of our post-Brexit European network. For a long time, we have had Management Planes in Amsterdam and Frankfurt, which tick the compliance box for our EU/EEA customers. Plus we have one in Zurich because the Swiss financial sector needs local jurisdiction within Switzerland. We also have one in Riyadh for customers with the same concerns in the Kingdom of Saudi Arabia. And now we have London for the UK. We cover other regions as well of course, with Management Planes in strategic jurisdictions all over the world. We also ensure customers always have access to their company-specific logs and metadata in any of our Management Planes. This allows them, if needed, to download and store this data on-premises or in a local public cloud instance if required for their specific country. This isn’t just a UK issue and we are constantly evolving our infrastructure to address specific customer needs—as legislation imposes data sovereignty and jurisdiction requirements in different nations. We also have plans to add even more Management Planes, positioned in strategic locations around the world.

                                      Emily: Is this how all SSE vendors organise their infrastructure?

                                      Neil: I wish that was an easy question to answer. The reality is that other companies are often opaque about their infrastructure. For example, not always being clear about whether the data centre has “full compute” or all services available, or if it’s even accessible to all customers without additional surcharges or fees. And everyone uses different names for these data centre descriptions—in part because the data centre infrastructure is organised differently too. The thing is, working with so many large global customers—and national governmental departments around the world – we can’t afford to be opaque in this area. When I talk to customers and prospects our transparent infrastructure approach is definitely one of the things that attracts them to us for SSE and SASE. 

                                      Emily: OK so give us a couple of tips for things organisations can ask vendors to identify how a platform infrastructure complies with their specific regulatory requirements…

                                      Neil: They should ask whether they are able to request and get access to event data, metadata, logs, and information on policy violations from their cloud security vendor. Even more importantly, they should confirm that end-user personal data can be limited to specific countries (whether that’s in the US, UK, Switzerland, Saudi Arabia or the EU—whatever jurisdiction they need). It’s also important that customers can define “zones” in which they want to contain their user’s traffic, for example only allowing UK-based users to connect to UK data centres. It’s incredibly common for vendors to span data sovereignty regions with their infrastructure, or run specific products to serve all international customers from different global data centres—and both approaches can sometimes create problems for regulated industries in certain markets.

                                      Emily: That sounds like a very useful thing to know. Alright, I can see why this is exciting then. So the upshot is, with this new NewEdge Management Plane in London we are now able to better meet the regulatory requirements of a range of organisations in the UK. Thanks both!

                                      If you want to know more about our NewEdge network, there’s lots of good information here.

                                      author image
                                      Emily Wearmouth
                                      Emily Wearmouth is a technology communicator who helps engineers, specialists and tech organizations to communicate more effectively.
                                      Emily Wearmouth is a technology communicator who helps engineers, specialists and tech organizations to communicate more effectively.

                                      Mantenha-se informado!

                                      Assine para receber as últimas novidades do Blog da Netskope