CASB & Netskope

2017 © Netskope. All rights reserved. Netskope confidential.

The Way People Work Has Changed

Any place, any Instantaneous sharing and More sensitive data

device, any time collaborating now in the cloud

2017 © Netskope. All rights reserved. Netskope confidential. 2

 Security Tools vs. Disruption
Disruption

Cloud Security Platform

Next-Gen Firewall

Web Proxy

Firewall

+ Perimeterless protection, machine learned,

Allow the right access. + AUP for URLs, + Blocking based on
Threats heuristic, static/dynamic analysis built on
Block based on IP + ports signatures protocol headers
published and unpublished API context

Campus & Branch + Remote direct-to-cloud, mobile apps,

Access Patterns Same + Remote VPN
network desktops apps, sync clients

+ First 1k bytes of
Language Packets HTTP + APIs/JSON – layers well above HTTP/S
transaction

2017 © Netskope. All rights reserved. Netskope confidential. 3

The Cloud Security Journey in Phases

Continuously discover Safely enable cloud services Safely permit unsanctioned,

cloud services and you have sanctioned yet necessary, cloud services
assess risk
Optionally block the most risky Apply adaptive
access control Identify ecosystems, non-
services and coach users to use Sanctioned
corporate instances, and
alternatives
Implement granular create category-level and
policies and workflows context-based policies Unsanctioned and
optionally blocked
Block risky activities
Prevent data loss

Protect against
threats
Block risky services
Encrypt when
necessary Skipping this step may lead to user
Coach users
revolt and a decrease in productivity
Use of Granular Control
Protect against threats 450
Discovered = 1000 Prevent data loss 300
Sanctioned = 50 Safely Permitted = 650 Block risky activities 200
Blocked = 300 Govern access 150

2017 © Netskope. All rights reserved. Netskope confidential. 4

 The most comprehensive, flexible deployment options

Offline Inline

LOG API TAP Forward Reverse

Connector Proxy Proxy

‣ eDiscovery of DLP
‣ Cloud app discovery ‣ Cloud app Discovery ‣ Real-time
Explicit Proxy / Desktop Client
violations ‣ App risk PAC file
DNS
/ Mobile Profile
Proxy Chaining policy control
‣ App risk for sanctioned
‣ Data governance ‣ Deep activity traffic steering options
‣ Basic activity cloud apps
visibility ‣ Policy control for visibility only
‣ Real-time policy control for all cloud apps
Data at Rest ‣ DLP violation
‣ Mobile and remote for all cloud apps (Desktop ‣ Mobile for
detection sanctioned
agent or mobile profile)

Use Cases
2017 © Netskope. All rights reserved. Netskope confidential. 5
 Netskope products

Netskope Active Platform Netskope • Cloud app discovery via log upload
• Access to Cloud Confidence Index™
• Find, understand & secure all cloud apps Discovery • Risk Dashboard
• On-campus, mobile, and remote
Netskope API • Safely enable sanctioned apps such as Box,
• Industry-leading Cloud DLP with more than Dropbox, Egnyte, Google Apps, Office 365, and
Introspection Salesforce
3,000 data identifiers and 500 file types
• Real-time activities and stored content • Advanced DLP
Netskope Active • Visibility, Analytics, and Policy enforcement
Cloud DLP based on Fingerprinting and Exact Match

Netskope Malware & • Allows an enterprise to identify apps that are

known to host malware, generate malicious
Threat Protection traffic, or perform suspicious activities

Visibility and real-time granular control • 256-bit encryption

of all cloud apps, sanctioned or Shadow
Netskope Active File • Support for cloud-based, fault-tolerant FIPS 140-2
Encryption Level 3 key management with optional integration
IT with your on-premises key mgmt.

© 2017 Netskope. All Rights Reserved. 6