Back 
Co-authored by Jason Hofmann and Jeff Brainard
Over the last year, we’ve made tremendous progress expanding NewEdge to provide Netskope customers with the global coverage they demand. We have real, full-compute data centers in nearly 50 regions today and plans to go live with our Lima, Peru data center in early October (which will be our fifth in Latin America). We also have near-term plans to expand into mainland China and are proud of our accomplishments in making NewEdge FedRAMP-ready, a critical requirement for doing business with the U.S government, as well as successfully completing the IRAP assessment at the PROTECTED level, which facilitates Netskope doing business with government agencies across Australia. As the business landscape changes rapidly with the continued prevalence of remote work and the return to the branch in some regions, NewEdge is critical to accelerating SASE adoption for Netskope customers.
As we’ve executed on this NewEdge scale-out at breakneck speeds, we’ve stayed true to keeping every data center uniform and consistent (down to every cable plugged into the same port globally), with full compute for real-time and inline security traffic processing, no reliance on the public cloud or virtual POPs (which is just backhaul by another name), and all Netskope Security Cloud services being available in every location. We’ve also continued to expand our networking leadership through an aggressive interconnection strategy and extensive peering to provide the best user and application experience for web, cloud, SaaS and even private apps hosted on-premises within an enterprise customer’s data center.
Today, we’re making NewEdge even better.
Backing up our performance claims
With quantitative metrics to back up our claims—whether it’s our lowest-latency on-ramps for traffic ingressing NewEdge, efficient processing of traffic inside our data centers, or the fast, optimized links to the content and apps that users care about–nothing provides more compelling evidence that NewEdge was built for performance than how it actually performs. So confident are we in this performance that we’ve published it in Service Level Agreements (SLAs) to back up our claims.
We regularly hear from security, networking, and infrastructure leaders that where the “rubber meets the road” is in the commitments a vendor is willing to put behind their services and network. Marketing claims are one thing, but firm, contractual guarantees (especially when tied to penalties and credits paid to the customer) often serve as the biggest confidence-builder to ensure cloud security vendors deliver as promised.
There’s a reason you don’t see that as often as you should; most vendors are scared to put real, legal terms behind their overmarketed performance claims. That’s why we’re excited to share some significant enhancements we’ve made at Netskope to our SLAs that literally raise the bar for how customers and the industry at large should evaluate Security-as-a-Service offerings. Expanding beyond the existing five-nines (or 99.999%) uptime and availability SLA for Netskope Security Cloud inline services–including Next Gen Secure Web Gateway (SWG), cloud access security broker (CASB), Zero Trust Network Access (ZTNA), and more–Netskope has announced a truly differentiated set of SLAs focused on security traffic processing inside NewEdge data centers. These include new latency SLAs covering both non-decrypted and decrypted transactions.
Industry-best non-decrypted latency SLA
For non-decrypted transactions, we are committing to less than 10 millisecond (ms) latency. At face value, this is at least 10x better than a certain well-known web security cloud vendor, which commits to less than 100ms in their published SLA (just check their website). Why “at face value”? Because this vendor’s SLA is based on a “monthly average” while ours is a monthly 95th percentile, which makes the Netskope SLA much more aggressive. For example, this means that if this vendor overachieves against its SLA and delivers one-third the latency of their commitment (or 33ms), it’s still at least 3x more latency than our 10ms SLA. And while they would be claiming overachievement in this circumstance, a Netskope customer would be entitled to a full credit and the right to cancel their service. This is a powerful example of how Netskope is committing to industry-leading performance and low latency with NewEdge.
Another well-known firewall vendor commits to less than 10ms, which seems on-par with our new SLA. But in reality, this firewall vendor’s SLA uses a narrowly-scoped definition of processing latency. This vendor takes a packet-processing, firewall-centric approach that only measures the time taken by packets in a single direction – from when they receive a packet to when they send it. It might sound promising, but this one-way “packet processing” SLA doesn’t apply in a SASE world with highly interactive web, cloud, and SaaS app operations. That is why the Netskope SLA takes into account the full round trip from when we receive the user request to when we respond minus the time taken for third parties (e.g. the web, cloud, or SaaS app) to receive and respond to the same transaction. In other words, our 10ms is roughly equivalent to 5ms in “one-way” terms.
Industry-first decrypted latency SLA
With approximately 90% of all enterprise traffic now encrypted, non-decrypted SLAs bear little relevance in the real world. That is why Netskope is launching an industry-first SLA for decrypted transactions committing to less than 50ms latency. No other vendor offers this kind of SLA for decrypted transactions. And this isn’t just an SLA on HTTPS transactions, it specifically covers transactions that are HTTPS and have decryption enabled (or what other vendors refer to as SSL Interception and call out as an SLA exclusion; again, just check their website). To put a finer point on it, not only is Netskope’s decrypted latency SLA 50ms—2x better than the earlier mentioned web security vendor’s non-decrypted latency SLA of 100ms—ours is also based on a monthly 95th percentile, while theirs is based on a monthly average.
Key Takeaways
These “industry-best” and “industry-first” SLAs are evidence of how much confidence we have in the performance of NewEdge, which powers the delivery of the Netskope Security Cloud inline and API-driven services. This includes our recently launched Cloud Firewall, Remote Browser Isolation, “clientless” ZTNA, and SaaS Security Posture Management (SSPM) services. It’s also something we’ve been able to uniquely deliver with NewEdge based on a massive investment in building and scaling out our own security private cloud over the last two-and-a-half years. As Netskope’s CEO Sanjay Beri stated back in 2018, “Netskope is building the largest security cloud network and platform in the world, rivaling that of a public cloud provider & be second-to-none in the security industry.”
You can tell we’re very proud of NewEdge—and we want all enterprises to experience it. Now, with our unmatched SLAs, you have the critical assurance to steer traffic to NewEdge with confidence. To learn more about the details of the new SLAs, the “Netskope Support and Service Level Terms” are posted online at: www.netskope.com/support-terms. For additional information on the NewEdge security private cloud, visit the NewEdge and networking micro-site at: www.netskope.com/newedge.
Read the blog