Netskope’s cloud perimeter secures enterprise data

Get a free Techzine subscription!

How do you achieve the desired level of security with the right tools? Many security vendors are currently looking for the answer. Consolidation is a smart move, according to many experts. Netskope, which has been active in the market for a number of years now, also sees bringing together security solutions as the next step.

In recent years, a lot of good security solutions have emerged. They aim to solve specific problems of enterprises. They are often able to deliver on this promise, but the question is whether they do it in reality. Sometimes more than 100 security solutions are deployed within a company. However, they aren’t deployed efficiently enough. After all, the teams that are responsible for the services are too small to get the most out of each solution.

This has to change. Instead of using solutions from perhaps dozens of vendors, a company should ideally rely on just a few vendors. These security vendors then each offer a wide range of solutions, all of which work well together and complement each other.

Which direction are we going precisely?

Netskope wants to head in that direction as well. The company intends to provide organisations with multiple security solutions that work well together. Ideally, this approach is described as Secure Access Service Edge (SASE) or Elastic Cloud Gateway, two definitions introduced by Gartner and Forrester respectively. In these approaches, network and security solutions come together in one cloud-based product. These include, for example, Software-Defined Wide Area Network (SD-WAN) and firewall technologies on the network side and Cloud Access Security Broker (CASB) and Data Loss Prevention (DLP) on the security side.

Netskope wants to provide organisations with multiple security solutions that work well together

Netskope is currently seeing accelerated adoption of this kind of architecture. Enterprises are migrating their on-premise perimeter infrastructures at their own pace and, if it makes sense, to a cloud perimeter. Because this also consolidates points solutions, more visibility and control is created. There is only a single user interface for managing traffic. It simplifies the work of teams as the responsibilities for several point solutions can be unclear and too divided. Security teams and network teams are currently responsible for individual products that have something in common. With a more unified approach, these responsibilities can merge and eventually be handled by a single team.

The migration to a cloud perimeter is further accelerated by an explosive increase in mobile working and increased use of cloud applications. Since the language of the cloud is JSON/API, it is not logical to send traffic from mobile workers to a traditional on-premise security perimeter. These perimeters, or point solutions, are blind to this traffic. According to Netskope, enterprises opt for a SASE cloud perimeter to keep visibility and control of the traffic and to support working from home.

Approach

To support the migration of companies, Netskope secures various traffic to protect the data. The NewEdge infrastructure is important to achieve the right security levels. According to Netskope the infrastructure is the largest private cloud in the world with very high performance. By developing the complete product suite with a strong focus on cloud infrastructure, Netskope aims to guarantee good data security, threat prevention and end-user experience. Ultimately, Netskope uses this infrastructure to secure various kinds of traffic, like Software as a Service (SaaS), Infrastructure as a Service (IaaS) and web traffic, as well as Private Access.

Because of this strong cloud focus, Netskope does not have a direct background in hardware or software. With this approach, Netskope aims to appeal to companies that also make a conscious choice for the cloud. Over the past 15 years, companies have built a very strong physical perimeter that cannot be dropped instantly. In reality, however, many employees are no longer exclusively located behind this physical perimeter. As a company, you can make the choice to gradually move away from directing traffic towards that physical perimeter, in order to increasingly embrace a cloud perimeter.

Netskope has built support for this into its platform, which you can refer to with classic terms from the network and security worlds. Organisations that are looking for new Secure Web Gateway (SWG) and Virtual Private Networks (VPN’s) architectures are especially likely to end up with Netskope, the company says. The company achieves this by focusing its solutions on large enterprise organisations with a strong cloud focus. These are organisations from, for example, the financial services and healthcare sectors.

If we take a closer look at how Netskope differentiates itself with its Secure Web Gateway, the company does so by combining SWG functionality with a CASB and Data Loss Prevention. Basically, an SWG ensures that unsecured traffic does not gain access to a company’s internal network. The CASB, in turn, ensures that security policies are adhered to when accessing the cloud to protect data and user accounts. Finally, there is Data Loss Prevention, the technology to prevent data leaks. When these functionalities are combined, Netskope talks about a next-gen SWG that can decrypt and decode cloud services and web traffic. This SWG approach ensures the visibility and context needed to comply with policies and protect data.

Besides, many companies come to Netskope to replace their VPN solutions. Netskope offers a Zero Trust Network Access (ZTNA) architecture. Users can use this architecture to gain secure access to their applications. This is a step forward according to Netskope, since with ZTNA the security level, scalability, and cost structure improve. Netskope’s ZTNA solution promises to provide a cloud-first architecture to protect applications and data anywhere. It also uses a zero-trust approach: users will only be granted access once they have been authenticated for the applications they need.

Netscope delivers a cloud perimeter

All these solutions integrate as much as possible within a console and interface to ensure visibility and to easily roll out policies across environments, for example.

Consolidation will continue

Netskope clearly chooses to provide a cloud perimeter. The company sees a bigger opportunity, compared to a strong on-premise focus. Opinions on that approach can differ, as there are companies that consciously choose for on-premise. If that applies to your company, then Netskope isn’t suited for you. However, if you believe in a cloudy future, then Netskope can help you solve many security issues.

Netskope also sees a wave of consolidation taking place in the future. Many security solutions can achieve better results when they are unified. Within the security industry, this consolidation is also seen as the way forward, making it a realistic vision. We are therefore looking forward to seeing what Netskope will be doing next to realise the future they are working towards.