fechar
fechar
Sua Rede do Amanhã
Sua Rede do Amanhã
Planeje seu caminho rumo a uma rede mais rápida, segura e resiliente projetada para os aplicativos e usuários aos quais você oferece suporte.
          Experimente a Netskope
          Get Hands-on With the Netskope Platform
          Here's your chance to experience the Netskope One single-cloud platform first-hand. Sign up for self-paced, hands-on labs, join us for monthly live product demos, take a free test drive of Netskope Private Access, or join us for a live, instructor-led workshops.
            Líder em SSE. Agora é líder em SASE de fornecedor único.
            Líder em SSE. Agora é líder em SASE de fornecedor único.
            A Netskope estreia como líder no Quadrante Mágico™ do Gartner® para Single-Vendor SASE
              Protegendo a IA generativa para leigos
              Protegendo a IA generativa para leigos
              Learn how your organization can balance the innovative potential of generative AI with robust data security practices.
                Modern data loss prevention (DLP) for Dummies eBook
                Prevenção Contra Perda de Dados (DLP) Moderna para Leigos
                Get tips and tricks for transitioning to a cloud-delivered DLP.
                  Livro SD-WAN moderno para SASE Dummies
                  Modern SD-WAN for SASE Dummies
                  Pare de brincar com sua arquitetura de rede
                    Compreendendo onde estão os riscos
                    Advanced Analytics transforms the way security operations teams apply data-driven insights to implement better policies. With Advanced Analytics, you can identify trends, zero in on areas of concern and use the data to take action.
                        Os 6 casos de uso mais atraentes para substituição completa de VPN herdada
                        Os 6 casos de uso mais atraentes para substituição completa de VPN herdada
                        Netskope One Private Access is the only solution that allows you to retire your VPN for good.
                          A Colgate-Palmolive protege sua “propriedade intelectual "” com proteção de dados inteligente e adaptável
                          A Colgate-Palmolive protege sua “propriedade intelectual "” com proteção de dados inteligente e adaptável
                            Netskope GovCloud
                            Netskope obtém alta autorização do FedRAMP
                            Escolha o Netskope GovCloud para acelerar a transformação de sua agência.
                              Let's Do Great Things Together
                              A estratégia de comercialização da Netskope, focada em Parcerias, permite que nossos Parceiros maximizem seu crescimento e lucratividade enquanto transformam a segurança corporativa.
                                Netskope solutions
                                Netskope Cloud Exchange
                                Netskope Cloud Exchange (CE) provides customers with powerful integration tools to leverage investments across their security posture.
                                  Suporte Técnico Netskope
                                  Suporte Técnico Netskope
                                  Nossos engenheiros de suporte qualificados estão localizados em todo o mundo e têm diversas experiências em segurança de nuvem, rede, virtualização, fornecimento de conteúdo e desenvolvimento de software, garantindo assistência técnica de qualidade e em tempo hábil.
                                    Vídeo da Netskope
                                    Treinamento Netskope
                                    Os treinamentos da Netskope vão ajudar você a ser um especialista em segurança na nuvem. Conte conosco para ajudá-lo a proteger a sua jornada de transformação digital e aproveitar ao máximo as suas aplicações na nuvem, na web e privadas.

                                      Securing IaaS and PaaS — A Look Back at Three Years of Innovation

                                      Mar 07 2017
                                      Tags
                                      AWS Security
                                      CASB
                                      Cloud Best Practices
                                      Cloud Security
                                      Google Cloud Security
                                      IaaS Security
                                      Microsoft Azure Security
                                      Tools and Tips

                                      Over the past several months we’ve been talking about the Critical CASB Use Cases  — there are 15 of these that we highlight, ranging from the management of unsanctioned versions of sanctioned cloud services to the control of managed vs. unmanaged device access to Microsoft Office 365. Worthy of a deeper dive are the various use cases found in the usage of Infrastructure as a Service (IaaS) platforms that require a CASB. By now, many of us know that it’s quite important to include services like Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure when assessing the risk of cloud service usage within the enterprise. This is validated by the many organizations who have recognized that they need to protect the critical workloads running in these services as well as the sensitive data residing in them. This has made the visibility and control of IaaS platforms one of the hotter topics for us so far this year and it’s gratifying to see increasing customer interest in securing IaaS platforms. As many folks know, here at Netskope we have been working steadily to expand our coverage of these services since we delivered the CASB industry’s first real-time, inline connectors for Amazon Web Services and Microsoft Azure way back in 2014. Today, Netskope provides both real-time, inline visibility and control of IaaS usage as well as API-based introspection across a range of IaaS platforms.

                                      Here are some of the ways that organizations use Netskope to secure their IaaS platforms:

                                      Granular visibility and activity-level control of IaaS usage

                                      Many of our customers choose Netskope to better understand their IaaS usage and define granular policies to address any risky activities in IaaS platforms. Frequently, our customers have multiple instances of an IaaS platform running in their organization (e.g. for dev, QA and production or for different lines of business) and take advantage of Netskope’s unique ability to tailor different policies for each IaaS instance. Within a specific IaaS instance, they are creating granular policies for specific activities. For example, alert on the creation of a new VM instance within AWS, or block the reboot activity for a production workload in Azure. In AWS Identity and Access Management, they are able to restrict an AWS admin from creating new policies or modifying admin permissions.

                                      Detailed IaaS audit logs for reporting and forensics

                                      Some organizations want to maintain detailed audit logs of their IaaS usage for reporting and forensics purposes. For example, a Fortune 100 retailer is using Netskope API introspection for Google Cloud Platform to monitor all users and activities in GCP and they use Netskope to make sure that external developers are not accessing unauthorized projects or performing unauthorized activities on VM instances or other objects within specific GCP projects. Similarly, an international energy company needed to maintain a detailed audit trail of all admin activity across multiple instances of AWS being used by its different lines of business. They accomplished this with Netskope’s integration with the AWS CloudTrail API.

                                      Sensitive data protection in IaaS clouds

                                      The critical workloads in IaaS clouds are very often connected to stores of sensitive customer or business information, so most of our customers want to understand what data is moving into their IaaS clouds and take steps to protect their sensitive data. Netskope was the first CASB to deliver real-time, inline DLP capabilities for IaaS, which gives our customers the ability to detect sensitive content en route to and from Amazon S3 buckets and EC2 instances, Google Cloud Storage and Azure Storage and to create granular policies to reduce the risk of sensitive data exposure and maintain compliance with regulatory requirements. And Netskope’s deep visibility into the files moving in and out of IaaS clouds also enables our customers to use Netskope Threat Protection to inspect IaaS for malicious or infected files, such as web exploits, backdoors, and other forms of malware.

                                      Protecting custom apps in PaaS and IaaS clouds

                                      The ability to protect custom apps built or housed in a public or private PaaS or IaaS is imperative. Netskope’s capabilities include visibility and policy enforcement for these custom apps. For Netskope customers, this extends beyond simple access control, since we’re also able to apply Netskope Cloud DLP and Netskope Threat Protection to custom apps. For private PaaS or IaaS usage, the Netskope Universal Connector is used in combination with our on-premises solution that utilizes a wide range of heuristics to be able to detect user activity and scan for any DLP violations.

                                      How do these use cases match up with your security needs for your IaaS platform? We’d love to hear from you.

                                      Mantenha-se informado!

                                      Assine para receber as últimas novidades do Blog da Netskope