Deploy CASB without an agent

Take advantage of all-mode deployment, including agentless

Netskope

Frictionless CASB deployment

A popular CASB deployment method is to install agents on Macs, PCs, and iOS and Android devices to provide real-time visibility and control of cloud usage. However, for some enterprises, deploying agents is not ideal because of a variety of reasons whether political, technical or somewhere in between. While deploying an agent is always an option, Netskope also supports agentless modes including every possible out-of-band and inline configuration, from forward and reverse proxy, to secure TAP, API, and log-based discovery. These modes are often used in parallel to cover customers’ multiple use cases.

Key Features

Forward proxy

Choose from the broadest variety of agentless forward proxy configurations to gain visibility into cloud usage and enforce real-time policy controls over activities and data in any cloud service, sanctioned or unsanctioned.

  • Real-time visibility and control
  • Sanctioned and unsanctioned cloud services
  • Browser, mobile app, and sync client
Reverse proxy

Use a reverse proxy deployment to gain real-time visibility into cloud usage and enforce real-time policy controls over activities and data in sanctioned services.

  • Real-time visibility and control
  • Sanctioned cloud services
  • Covers browser traffic
  • Seamless integration with your identity provider
API Introspection

Use an out-of-band API connection into your sanctioned cloud services to find sensitive content, enforce policy controls, and stop threats.

  • Near real-time visibility and control
  • Sanctioned and unsanctioned cloud services
  • Browser, mobile app, and sync client
Log discovery

Discover cloud services in use in your organization by parsing log data from your existing perimeter security device. You even have the option to tokenize your log data in the cloud for data privacy and residency purposes.

  • Out-of-band (near real time)
  • Discovery and risk assessment
  • Sanctioned and unsanctioned cloud services

Flexible Deployment Options

Select from a variety of deployment options including agentless

Select a single deployment option like API introspection or combine with one of the forward proxy modes to expand use case coverage.

Requirements

Sanctioned services

Choose API Introspection to get near real-time visibility and control of sanctioned cloud services, a reverse proxy configuration for real-time visibility and control of browser access to sanctioned services, or one of the forward proxy modes for real-time visibility and control without the need for an agent.

Unsanctioned services

Choose from one of the forward proxy modes for real-time visibility and control of unsanctioned cloud services without the need for an agent.

Why an agent?

There are use cases when an agent makes sense. First, an agent deployment is arguably the easiest to configure. Send an invitation via email to install the agent to selected users on Macs, PCs, and iOS and Android devices, or leverage integration with SCCM or MDM solutions to deploy at scale. Agents also cover use cases such as when users on managed devices are off network and connect directly to cloud services.

Trusted by leading companies

Netskope Active Platform — data sheet

Learn about all the features included in the Netskope Active Platform and how it protects your organization’s cloud usage.

Learn more

Deploying a Multi-Mode CASB – Movie Line Monday video

Watch how multi-mode CASB deployments can help maintain corporate security while still allowing users to keep their privacy. Learn about the different scenarios and types of devices (managed and unmanaged) that can be used in a multi-mode CASB deployment to satisfy various security and privacy requirements.

Learn more

Want to see Netskope in action?

Request a Demo