Back 
Enhanced FWaaS, ZTNA, RBI, and SSPM capabilities further support global enterprises embracing unprecedented digital transformation
SANTA CLARA, Calif. – August 17, 2021 – Netskope, the SASE leader, today announced several key enhancements to its award-winning Netskope Security Cloud, furthering its leadership in what analysts estimate is the $30 billion addressable market opportunity for Secure Access Service Edge (SASE). With enterprises rapidly adopting SASE architecture and applying Zero Trust principles in support of digital transformation efforts, teams seek security and networking providers that can offer complete, SASE-ready platform solutions.
The global pandemic has accelerated several trends that were already underway for enterprise security and networking teams, including a dramatic increase in remote work, a spike in visits to high-risk cloud applications and sites, and the increased frequency of malware delivered from the cloud vs. the web[1].
As a result of these trends, architectural change in security and networking is rapidly taking hold—spurring enterprises to leave legacy technologies and providers behind, tune out piecemeal product sets that are marketed as “SASE” but not natively integrated, and simplify their technology environments overall. Gartner® highlights that “by 2025, at least 60% of enterprises will have explicit strategies and timelines for SASE adoption encompassing user, branch and edge access, up from 10% in 2020.”[2]
“Enterprises know that security and networking must evolve toward a SASE architecture that applies Zero Trust principles. But they won’t get there with legacy products that deliver a poor user experience, expose data in the cloud to a myriad of threat risks, and are expensive and complicated to maintain,” said John Martin, Chief Product Officer of Netskope. “The enhancements we announce today add to what is already the industry’s most complete SASE and Zero Trust solution, making it easier than ever for enterprises to simplify their security and networking, continuously manage risk, and protect data everywhere it is accessed.”
“The shift to remote work and the alarming increase in global cybercrime means that at-risk organizations must safeguard our data in the cloud without degrading network performance,” said Todd Friedman, Chief Information Security Officer at ResMed. “Netskope’s vision for SASE and Zero Trust is very important to our security program. We continue to work with Netskope to drive the business outcomes we need.”
“As threat actors continue to target organizations around the world, implementing innovative security solutions is key to protecting network infrastructure,” says Ahmed Shah, senior vice president of strategic alliances at Optiv. “Collaborating with partners like Netskope allows us to help clients accelerate their digital transformation.”
The tightly integrated Netskope Security Cloud leverages a single-pass architecture, common management console, easy-to-use policy engine, unified client, and AI/ML intelligence, all of which translates into better security, faster performance, and lower total cost of ownership.
New enhancements to the Netskope Security Cloud include the following:
Netskope Cloud Firewall
Gartner notes in its 2021 Strategic Roadmap for SASE Convergence that “by 2024, 30% of enterprises will adopt cloud-delivered SWG, CASB, ZTNA and branch office firewall as a service (FWaaS) capabilities from the same vendor, up from less than 5% in 2020.”[3]
Netskope Cloud Firewall is a firewall-as-a-service offering that helps reduce complexity, lower overall operational expenses, prevent a degraded user experience, and accelerate time-to-value for organizations transforming their security and networking to meet the demands of branch offices and a remote-first workforce.
Netskope Cloud Firewall is fully integrated into the Netskope Security Cloud and offers:
- Network security for all outbound ports and protocols for safe, direct-to-internet access using the Netskope client on managed devices or via GRE and IPsec tunnels for offices
- 5-tuple policy controls, user and group IDs, FQDNs, and wildcards for egress firewall settings, plus seamless FTP ALG support, and full logging (TCP, UDP, ICMP) with event export, including into Netskope Advanced Analytics
- Centralized access control, providing simplified management for users and branch offices using one console, one policy engine, and one security platform
Read the Netskope blog for more on Netskope Cloud Firewall
Key Updates to Netskope Private Access For ZTNA
As Gartner cites, “By 2024, at least 40% of all remote access usage will be served predominantly by zero trust network access (ZTNA), up from less than 5% at the end of 2020. While most of these organizations will not completely retire all their client-facing VPN services, ZTNA will become the primary replacement technology.”[4]
Netskope Private Access (NPA), a cloud-native ZTNA service, directly and securely connects users anywhere to specific internal resources hosted in the public cloud and/or private data centers. With new enhancements, NPA allows teams to:
- Reduce risk and securely connect corporate users, as well as third party contractors, to private resources, using the Netskope Client or using browser access for private web applications (instead of giving access to the network)
- Augment virtual private network (VPN) connectivity and simplify network routing, reducing reliance on legacy networking infrastructure and beginning the process of phasing out VPNs where appropriate
- Support hybrid cloud infrastructure, and provide direct, user-to-application connectivity, bypassing the limitations of legacy networking infrastructure
- Transition from an appliance-focused, cap-ex-centric model to a more efficient op-ex-centric service model for simplified maintenance, faster implementation, and easier scalability
Read the Netskope blog for more on new enhancements to NPA
Remote Browser Isolation (RBI)
Native remote browser isolation (RBI) capabilities are now fully integrated into the Netskope Security Cloud. Netskope developed its RBI product for the Netskope platform by leveraging the isolation and security expertise and domain knowledge of a team focused on RBI since 2015 when they founded their company Randed. The acquisition of Randed extended Netskope’s expanding presence in Europe by adding a new development center in Spain.
While legacy Secure Web Gateways (SWG) are limited in that they can only block known bad websites and allow known good ones, RBI technology enhances SWGs by providing safe access to uncategorized and risky websites, removing threat risks or productivity limitations that can occur for users when sites are either fully allowed or fully blocked.
Targeted RBI renders uncategorized and security-risk websites (6-8% of all web requests) into pixel-streamed media to users while removing active scripts and potential web threats. Another key benefit of targeted RBI is to block file uploads and downloads and disable copy/paste/print activity for uncategorized and security risk websites to reduce data and threat risks. Netskope native RBI is fully integrated and invoked with an “isolate” policy control for desired web traffic, removing the complexity of forward proxy configurations.
Read the Netskope blog for more on RBI
SaaS Security Posture Management (SSPM)
SaaS security posture management (SSPM) capabilities help overcome misconfigurations, which in 2020 accounted for approximately 52%[5] of security incidents where unintentional actions directly compromised the security of an information asset.
Netskope SSPM includes a set of features that help organizations:
- Avoid risky misconfigurations and configuration drift
- Simplify management and compliance
- Monitor users and administrator behavior
- Identify risky users and connected applications
- Facilitate the remediation of risks
Netskope’s commitment to SSPM innovation includes its recent acquisition of Kloudless, a venture-backed company headquartered in Berkeley, California, whose team brought Netskope exceptional domain expertise with SaaS apps and APIs.
Read the Netskope blog for more on SSPM
NewEdge Delivers Unprecedented Performance, Coverage, and Resilience
A SASE architecture needs the fastest, most scalable, most reliable connectivity possible. Netskope Security Cloud services run on NewEdge, the world’s largest, highest-performing, and most well-connected security private cloud, allowing security to be deployed at the edge as close to the user as possible.
Today, NewEdge is powered by data centers in nearly 50 regions globally, with every data center offering full compute, all services available with no need to rely on the unpredictable performance of public cloud connectivity, and accessibility to every customer without surcharges.
Along with the continued global expansion of NewEdge, Netskope today announced further enhancements to Service Level Agreements (SLAs) for its inline services including NG-SWG, CASB, NPA, and CFW, ensuring customers can be confident steering their traffic to NewEdge. Building on Netskope’s existing five nines (99.999%) uptime/availability SLA, these expanded SLAs will address traffic processing latency within a NewEdge data center.
In addition, Netskope is releasing the first phase of Netskope Digital Experience Management (DEM). Enabled on a per-tenant basis and built natively into the existing Netskope Security Cloud, Netskope DEM further empowers customers—especially networking and infrastructure leaders—by providing critical visibility into their usage of Netskope Security Cloud services and traffic traversing NewEdge.
Read more about NewEdge capabilities
With more than 1,500 customers, Netskope serves some of the world’s largest and most technically demanding organizations. Among many 2021 highlights, Netskope recently attracted $300 million in new investment, achieving a post-money valuation of $7.5 billion.
For more information on today’s announcements, join Netskope for a new webinar, “Unpacking Updates to the Netskope SASE and Zero Trust Platform,” on September 16, 2021.
Gartner Disclaimer
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved.
About Netskope
Netskope, the SASE leader, safely and quickly connects users directly to the internet, any application, and their infrastructure from any device, on or off the network. With CASB, SWG, and ZTNA built natively in a single platform, the Netskope Security Cloud provides the most granular context, via patented technology, to enable conditional access and user awareness while enforcing zero trust principles across data protection and threat prevention everywhere. Unlike others who force tradeoffs between security and networking, Netskope’s global security private cloud provides full compute capabilities at the edge.
Netskope is fast everywhere, data centric, and cloud smart, all while enabling good digital citizenship and providing a lower total-cost-of-ownership.
[1] Netskope Threat Labs, Cloud & Threat Report, July 20, 2021
[2] Gartner 2021 Strategic Roadmap for SASE Convergence, Neil MacDonald, Nat Smith, Lawrence Orans, Joe Skorupa, March 25, 2021
[3] Gartner 2021 Strategic Roadmap for SASE Convergence, Neil MacDonald, Nat Smith, Lawrence Orans, Joe Skorupa, March 25, 2021
[4] “Gartner Forecasts 51% of Global Knowledge Workers Will be Remote by the End of 2021, “ June 22, 2021
[5] Verizon 2021 Data Breach Investigations Report (DBIR), May 13, 2021