Sorry, you need to enable JavaScript to visit this website.

08 March 2018

Web Isolation: A New Line of Defence

Today, with an evolving threat landscape, the web gateways have morphed into a key component of the cybersecurity defences. If a threat attempts to penetrate the security perimeter through a browser on the network, web gateways can be a key line of defence.

But conventional web gateways can’t match the sophistication of today’s cyber attacks and hackers. Over-reliance on them can put your data, users, customers, organisations and reputations at risk for a number of reasons:

Misclassification of websites

Detection-based approaches to cyber defences are never 100% accurate so some websites are misclassified or not classified at all. This means employees can still access malicious sites because they can’t be categorised by the web gateway filtering tool.

Infection from safe sites

Websites that have been classified as safe can still infect networks because they often serve content from aggregated sources.

Reduced productivity

Overly aggressive URL filtering or blocking uncategorised sites can prove frustrating for end users who require access to carry out their jobs.

Web Isolation: A New Line of Defence

Isolation is a new threat prevention approach that offers more options than traditional web gateways.

They supplement web security defences using isolation technologies to “air gap” the corporate network from the Internet and eliminate the risk of malware. Gartner estimates that by 2021, 50% of enterprises will leverage isolation to reduce the impact of attacks, up from less than 5% in 2016.

Recent developments integrate isolation technologies with existing web gateways without additional endpoint installation. Using a proxy to filter all web requests and directing them to the isolation platform, web sessions are processed remotely via a secure environment, and only a safe visual stream is sent to users’ browsers.

Isolation works through virtualisation technology to effectively block all malware attacks without the need to detect, understand or even recognise the attack pattern before acting on it.  In this respect, web isolation is an "air-gapped protection" that restricts offensive code from hopping across one isolation zone to another.

Unlike detection-based approaches used by web gateways, web isolation avoids the decision-making process of deciding which website is safe and which is not. The isolation prevents malicious content from reaching the end user. As a result, employees have more freedom to access websites without risking infection from an accidental click or uncategorised website, thanks to a network-based, agent-less isolation platform.

Web isolation incurs a smaller network performance overhead than web gateways. There are no false negative alerts so security teams can save resources that will otherwise be wasted on unnecessary investigations. Isolation technology therefore eliminates the cumbersome process of endless user requests for access to legitimate but unclassified business sites.

With web isolation, an organisation can maintain an effective security defence against ransomware, phishing, and malware because of the “air gap” between end-users and web attack surface. There is little room to execute Zero-day exploits or Flash/Java vulnerabilities since all attacks are isolated in a remote secure environment.

Detection-based solutions and secure web gateways are far from being 100% effective in stopping breaches. But with web isolation, breaches can be isolated and contained in ways that don’t leave a mark on enterprises.

On top of web isolation, it is also paramount to keep your enterprise cloud secure, especially with increasing adoption of private and hybrid cloud, and SaaS. 

 

 

Let our Cloud Experts help you design and deliver
cloud services that best fit your needs.