Netskope Improves Netskope Private Access

Netskope announced significant improvements to Netskope Private Access, the zero-trust network access (ZTNA) foundation of its security platform. Customers of Netskope can now apply zero trust principles to the broadest range of hybrid work security requirements, including SaaS, IaaS, private applications, web, e-mail, and endpoint devices.

In hybrid work environments, enterprises are rapidly adopting Secure Access Service Edge (SASE) technology architecture. ZTNA is critical to SASE: it enables organizations to transition from legacy remote access VPN infrastructure to a modern, efficient, and secure infrastructure.

Netskope Private Access, which provides ZTNA services, is an essential component of the Netskope Intelligent SSE platform. It connects users to corporate resources anywhere, using any device, and continuously evaluates context and adapts to reduce risk. This context has now been extended to the enterprise data layer, leveraging Netskope’s unified DLP capabilities. Netskope provides advanced data protection capabilities, which are highlighted as an area where other SASE and SSE vendors fall short.

John Martin, Chief Product Officer at Netskope, stated, “Enterprises need data-centric ZTNA—period. Private applications often house some of an organization’s most valuable information, including trade secrets and code repositories, and are an absolute must for comprehensive data protection capabilities. These key enhancements to Netskope Private Access extend Netskope’s award-winning zero-trust data protection capabilities that much further, offering enterprises multiple options to protect the information, from inspecting private application traffic to applying DLP in risky use cases such as third-party access and BYOD.”

A hybrid work environment needs the ability to apply zero trust principles to govern user, device, network, application, and data behavior, thereby increasing confidence in policy enforcement everywhere. Under zero trust, technology resources no longer implicitly trust any entity seeking to connect. The resource can determine an appropriate level of confidence, or trust, only for that specific interaction and by evaluating several contextual elements such as user role and identity, device identity and security posture, time of day, data sensitivity level, and more. By using Netskope Intelligent SSE with zero trust data protection throughout, businesses become more agile, reduce risk, and streamline application deployment and ongoing maintenance.

Chris Rodriguez, Research Director of Security & Trust at IDC, stated, “Zero trust network access is all about optimizing the balance of enabling access and mitigating risk, and the most effective ZTNA solutions, including Netskope Private Access, help reduce the risk and exposure associated with legacy remote-access VPNs. Enterprises should be pleased to see that Netskope continues to innovate and has now added capabilities to strengthen data protection policies across the widest range of use cases, from SaaS to private apps.”

CyberRatings Introduces First-of-its-Kind Cloud Test on Firewall as a Service and Zero Trust Network Access

CyberRatings.org, a non-profit firm dedicated to making cybersecurity product efficacy transparent, has released its first Secure Access Service Edge (SASE) rating. Zscaler’s Firewall as a Service (FWaaS), including its Zero Trust Network Access (ZTNA) capabilities, was tested independently by CyberRatings utilising Zscaler Internet Access and Zscaler Private Access. Overall, Zscaler received a ‘AA’ rating, with individual test components receiving ‘AA’ to ‘AAA’ ratings.

SASE technology is a relatively new addition to the market. It’s a new technology package that’s supplied as a service:

  • Data security (Cloud Access Security Broker and Data Loss Prevention)
  • Access control (FWaaS and ZTNA)
  • Threat protection (Secure Web Gateway, anti-malware, and intrusion prevention)

“The pandemic accelerated adoption of new technologies such as SASE that securely enable a distributed workforce. This first-of-its-kind test provides the cybersecurity industry with a reliable and independent way to evaluate SASE offerings,” said Vikram Phatak, CEO of CyberRatings.org. 

Because these technologies are so new, CyberRatings spent several months developing the apparatus to test FWaaS and ZTNA alongside Keysight’s network and cloud product teams. Keysight offered CyPerf to test application stability, performance, reliability and TLS / SSL functionality.

“The distributed nature of hybrid/cloud networks calls for a new way of testing. Keysight developed its industry-first cloud-native CyPerf test solution to help users validate services like SASE, software-defined wide area network (SD-WAN), and cloud network firewall. We are excited to partner with CyberRatings in this first independent test of SASE technology,” said Ram Periakaruppan, vice president and general manager, Keysight’s Network Test and Security Solutions.

CyberRatings has a three-phase approach for assessing SASE solutions, with the first phase focusing on FWaaS and ZTNA. The discovery and handling of exploits, malware, and evasions will be tested in phase two. The cloud access security broker (CASB) and data leak protection (DLP) will be addressed in the third phase.

Quadrant Knowledge Solutions Market Insights on Software Defined Perimeter (SDP) for Zero Trust Network Security

Quadrant Knowledge Solutions announces the addition of the “Market Insights: Software Defined Perimeter (SDP) for Zero Trust Network Security, 2020” report to their strategic technology research offerings.

Software Defined Perimeter is an approach in network security that safeguards user access to applications and information irrespective of the location, time and nature of the device used. Software Defined Perimeter follows a zero trust approach, wherein the default network security posture is that of deny. Access is granted upon authenticating and authorizing both user and device. By pre-authorizing users and devices before any application-layer access (to applications and resources) is made, SDP protects enterprises from a range of attacks, such as denial of service, credential theft, server exploitation, connection hijacking and APT/lateral movement. Unlike security models that work at the network layer, SDP works at the application layer. It provides granular control for secure communications directly from the user and device to the application.

Software Defined Perimeter technology is emerging as an advanced network security solution for today’s complex, interconnected world. A Software Defined Perimeter isolates network services from the internet, allowing access only after successful authentication, and restricting connections to only pre-authorized services. Network assets are hidden from unauthenticated users, leaving attackers with no visible target. Software Defined Perimeter protects organizations by substantially reducing the attack surface.

An SDP solution includes functionalities for adaptive authentication, granular and contextual access control, separation of control and data plane, complete access visibility and audit, the principle of least privilege access, and masking of applications and resources from unauthorized users. The primary use cases for an SDP solution include application security in hybrid IT, breach prevention and data protection, direct access to public cloud applications, effective BYOD and IoT security, secure privileged and third-party access to applications, and compliance with ever-increasing global regulations.

Quadrant Knowledge Solutions SDP Market Insights research provides detailed insight into the SDP technology overview, Zero Trust Network Security overview, SDP characteristics, SDP architecture, market drivers & trends, and vendor landscape. The market insights include a detailed market recommendation for considering an SDP solution. The report also addresses the debate around VPN versus SDP solutions.

Software Defined Perimeter Market Insights is a part of Quadrant’s Security & Risk Management practice.

Quadrant Knowledge Solutions is a global advisory and consulting firm focused on helping clients achieve business transformation goals with strategic research, consulting, and advisory services.

Contact:
Riya Mehar

rmehar@quadrant-solutions.com
See available research: https://quadrant-solutions.com/market-research/

Decoding Zero Trust Security | Zero Trust Concept & Models (Part-1)

Years after it was first mentioned in 2010, the concept of Zero Trust is regaining momentum. Backed by analysts, vendors, and the Cloud Security Alliance, Zero Trust is the latest buzzword in the security industry.

The Zero Trust framework became popular in the wake of data breaches and modern cyber-attacks. Traditional security measures focused on creating a security perimeter for insiders, and everything outside the perimeter was untrusted. This model assumed that insiders should be trusted and gave them full access to resources. Unfortunately, this model couldn’t cope with the changing threat landscape, with malicious insiders and outside attackers trying to move laterally to target important resources.

Secondly, an upsurge in the number of IoT devices, increased mobility, and vast adoption of cloud by organizations are constantly pushing the network boundary closer to the identity. So rather than a network-centric perimeter, there is a need to have an identity-based perimeter, with users and devices being the center of focus.

To address these challenges, Zero Trust treats all access requests with no trust and gives access permission on a strict need-to-know basis. Zero Trust is a concept in network security based on strict identity verification for users and devices. It requires that every access request by users or devices is fully authorized, authenticated, and encrypted before granting access. True to its motto, “Trust nothing, verify everything”, the Zero Trust security framework holds that nothing should be trusted and that even requests originating from within the security perimeter should be verified. There are three models/architectures through which Zero Trust security can be implemented in organizations:

  • Software-Defined Perimeter
  • Network Micro-Segmentation
  • Identity Aware Proxy

(This is Part 1 of the blog, where the concept of Zero Trust security is explained; Part 2 will discuss the various models to implement Zero Trust security.)