Netskope Expands SASE and Zero Trust Platform
August 17, 2021

Netskope announced several key enhancements to its Netskope Security Cloud.

With enterprises rapidly adopting SASE architecture and applying Zero Trust principles in support of digital transformation efforts, teams seek security and networking providers that can offer complete, SASE-ready platform solutions.

"Enterprises know that security and networking must evolve toward a SASE architecture that applies Zero Trust principles. But they won't get there with legacy products that deliver a poor user experience, expose data in the cloud to a myriad of threat risks, and are expensive and complicated to maintain," said John Martin, Chief Product Officer of Netskope. "The enhancements we announce today add to what is already the industry's most complete SASE and Zero Trust solution, making it easier than ever for enterprises to simplify their security and networking, continuously manage risk, and protect data everywhere it is accessed."

The tightly integrated Netskope Security Cloud leverages a single-pass architecture, common management console, easy-to-use policy engine, unified client, and AI/ML intelligence, all of which translates into better security, faster performance, and lower total cost of ownership.

New enhancements to the Netskope Security Cloud include the following:

■ Netskope Cloud Firewall: Netskope Cloud Firewall is a firewall-as-a-service offering that helps reduce complexity, lower overall operational expenses, prevent a degraded user experience, and accelerate time-to-value for organizations transforming their security and networking to meet the demands of branch offices and a remote-first workforce.

Netskope Cloud Firewall is fully integrated into the Netskope Security Cloud and offers:

- Network security for all outbound ports and protocols for safe, direct-to-internet access using the Netskope client on managed devices or via GRE and IPsec tunnels for offices

- 5-tuple policy controls, user and group IDs, FQDNs, and wildcards for egress firewall settings, plus seamless FTP ALG support, and full logging (TCP, UDP, ICMP) with event export, including into Netskope Advanced Analytics

- Centralized access control, providing simplified management for users and branch offices using one console, one policy engine, and one security platform

■ Key Updates to Netskope Private Access For ZTNA: Netskope Private Access (NPA), a cloud-native ZTNA service, directly and securely connects users anywhere to specific internal resources hosted in the public cloud and/or private data centers. With new enhancements, NPA allows teams to:

- Reduce risk and securely connect corporate users, as well as third party contractors, to private resources, using the Netskope Client or using browser access for private web applications (instead of giving access to the network)

- Augment virtual private network (VPN) connectivity and simplify network routing, reducing reliance on legacy networking infrastructure and beginning the process of phasing out VPNs where appropriate

- Support hybrid cloud infrastructure, and provide direct, user-to-application connectivity, bypassing the limitations of legacy networking infrastructure

- Transition from an appliance-focused, cap-ex-centric model to a more efficient op-ex-centric service model for simplified maintenance, faster implementation, and easier scalability

■ Remote Browser Isolation (RBI)

Native remote browser isolation (RBI) capabilities are now fully integrated into the Netskope Security Cloud. Netskope developed its RBI product for the Netskope platform by leveraging the isolation and security expertise and domain knowledge of a team focused on RBI since 2015 when they founded their company Randed. The acquisition of Randed extended Netskope's expanding presence in Europe by adding a new development center in Spain.

While legacy Secure Web Gateways (SWG) are limited in that they can only block known bad websites and allow known good ones, RBI technology enhances SWGs by providing safe access to uncategorized and risky websites, removing threat risks or productivity limitations that can occur for users when sites are either fully allowed or fully blocked.

Targeted RBI renders uncategorized and security-risk websites (6-8% of all web requests) into pixel-streamed media to users while removing active scripts and potential web threats. Another key benefit of targeted RBI is to block file uploads and downloads and disable copy/paste/print activity for uncategorized and security risk websites to reduce data and threat risks. Netskope native RBI is fully integrated and invoked with an "isolate" policy control for desired web traffic, removing the complexity of forward proxy configurations.
Read the Netskope blog for more on RBI

■ SaaS Security Posture Management (SSPM)

SaaS security posture management (SSPM) capabilities help overcome misconfigurations, which in 2020 accounted for approximately 52% of security incidents where unintentional actions directly compromised the security of an information asset.

Netskope SSPM includes a set of features that help organizations:

- Avoid risky misconfigurations and configuration drift
- Simplify management and compliance
- Monitor users and administrator behavior
- Identify risky users and connected applications
- Facilitate the remediation of risks

Netskope's commitment to SSPM innovation includes its recent acquisition of Kloudless, a venture-backed company headquartered in Berkeley, California, whose team brought Netskope exceptional domain expertise with SaaS apps and APIs.

■ NewEdge Delivers Unprecedented Performance, Coverage, and Resilience: A SASE architecture needs the fastest, most scalable, most reliable connectivity possible. Netskope Security Cloud services run on NewEdge, the world's largest, highest-performing, and most well-connected security private cloud, allowing security to be deployed at the edge as close to the user as possible.

Today, NewEdge is powered by data centers in nearly 50 regions globally, with every data center offering full compute, all services available with no need to rely on the unpredictable performance of public cloud connectivity, and accessibility to every customer without surcharges.

Along with the continued global expansion of NewEdge, Netskope announced further enhancements to Service Level Agreements (SLAs) for its inline services including NG-SWG, CASB, NPA, and CFW, ensuring customers can be confident steering their traffic to NewEdge. Building on Netskope's existing five nines (99.999%) uptime/availability SLA, these expanded SLAs will address traffic processing latency within a NewEdge data center.

In addition, Netskope is releasing the first phase of Netskope Digital Experience Management (DEM). Enabled on a per-tenant basis and built natively into the existing Netskope Security Cloud, Netskope DEM further empowers customers—especially networking and infrastructure leaders—by providing critical visibility into their usage of Netskope Security Cloud services and traffic traversing NewEdge.

Share this

Industry News

May 19, 2022

Jellyfish announced the launch of Jellyfish Benchmarks, a way to add context around engineering metrics and performance by introducing a method for comparison.

May 19, 2022 announced the addition and integration of Cilium networking into its Gloo Mesh platform, providing a complete application-networking solution for companies’ cloud-native digital transformation efforts.

May 19, 2022

Aqua Security announced multiple updates to Aqua Trivy, making it a unified scanner for cloud native security.

May 18, 2022

Red Hat unveiled updates across its portfolio of developer tools designed to help organizations build and deliver applications faster and more consistently across Kubernetes-based hybrid and multicloud environments.

May 18, 2022

Armory announced public early access to their new Continuous Deployment-as-a-Service product.

May 18, 2022

DataCore Software announced DataCore Bolt, enterprise-grade container-native storage software for DevOps.

May 17, 2022

DevOps Institute, a global professional association for advancing the human elements of DevOps, announced the release of the Upskilling IT 2022 report.

May 17, 2022

Replicated announced a host of new platform features and capabilities that enable their customers to accelerate enterprise adoption of their Kubernetes applications.

May 17, 2022

Codefresh announced that its flagship continuous delivery (CD) platform will be made accessible as a fully-hosted solution for DevOps teams seeking to quickly and easily achieve frictionless, GitOps-based continuous software delivery in the cloud.

May 16, 2022

Red Hat announced new capabilities and enhancements across its portfolio of open hybrid cloud solutions aimed at accelerating enterprise adoption of edge compute architectures through the Red Hat Edge initiative.

May 16, 2022

D2iQ announced a partnership with GitLab.

May 16, 2022

Kasten by Veeam announced the new Kasten by Veeam K10 V5.0 Kubernetes data management platform.

May 12, 2022

Red Hat introduced Red Hat Enterprise Linux 9, the Linux operating system designed to drive more consistent innovation across the open hybrid cloud, from bare metal servers to cloud providers and the farthest edge of enterprise networks.

May 12, 2022

Couchbase announced version 7.1 of Couchbase Server.

May 12, 2022

Copado added Copado Robotic Testing to Copado Essentials.