Edge Security

Secure Service Edge (SSE) & SASE

Gartner termed SASE (Secure Access Service Edge) as a group of technologies that bring together networking and security tooling and incorporate the growth of service and Cloud SaaS utilisation. SASE includes; Cloud Access Security Brokers CASB), Secure Web Gateways (SWG), Firewall-as-a-Service and SD-WAN. SSE (Secure Service Edge) is a subset of these controls, focused on the user edge incorporating SWG, CASB and Zero Trust Network Access (ZTNA) into a single solution, whilst leaving Firewall and SD-WAN as the other components in SASE.

Web Security (SWG, RBI)

Web Security comes in a couple of different forms, some endpoint security solutions include browser plugins or HTTPS inspection locally on a single machine, whilst these can offer the basics of URL Blocking and Categorisation they may not be as effective as a full Secure web gateway solution.

SWG
Secure web gateways are solutions that are designed to protect an organisation’s network from cyber threats by inspecting and filtering internet traffic and blocking malicious content. They are usually deployed as a local gateway or a cloud proxy service. The advantage of Secure Web Gateways is that they provide visibility of all web access by a system, and can also apply organisational controls and add a layer of anti-malware to protect against file downloads and malicious scripts before they reach the endpoint. Additionally, many cloud SWG solutions add in elements of CASB features such as Cloud Application Controls and Shadow IT monitoring.

Remote Browser Isolation (RBI)
RBI is another Zero Trust based web security tool that minimises risk when users are accessing unsanctioned web services. RBI uses an appliance or cloud service to load web sites into a remote sandbox so that any code or malicious downloads are contained and do not reach the end user device. They can also be useful to limit data leakage using in-build DLP controls.

DNS Security

By default many organisations use either their ISPs DNS servers or a Public DNS provider such as Google (8.8.8.8). These services do not focus on security and will resolve any domain name regardless of risk. Secure DNS providers enable organisations to block known malicious domains as well as configure blocked and allowed domains/categories based on policy.

Email Security

As corporate and personal email remains the number one entryway for cyber attacks, cutting-edge email security is essential. Protection today covers many areas to give the best cover for organisational data.

Secure Email Gateways
Secure Email Gateway (SEG) are great at looking for known malicious domains and IPs as well as enforcing policy based on SPF/DKIM/DMARC. They can also add in controls for sender/recipient, attachment filters, Data Loss Prevention and transport encryption.
API Based Email Security
Unfortunately, gateway-based email security tools only offer point-in-time protection so the growth in API based solutions enable many features such as: phishing protection, just-in-time link protection, machine learning and writing-style-analysis to better protect businesses from phishing, business email compromise (BEC) and compromised email accounts.

Zero Trust Network Access (ZTNA)

ZTNA builds on the Zero Trust security model and applies it to network access. Zero Trust implies that the device, user and service are not explicitly trusted and each element needs to be authorised. ZTNA can be seen as a replacement for traditional VPN and remote access tools. ZTNA typically requires device posture checks including: managed/unmanaged, AV, Encryption as well as user authentication via an IdP. As a result, the ZTNA solution is able to provide granular access to internal or cloud-based services based on policy and role.

Secure Remote Access

Many organisations have the requirement for third parties and contractors to connect and use RDP and SSH sessions or utilise HTTP(s) business applications. Traditionally this has been done using SSL VPN, however with technologies like ZTNA we can provide an access gateway to specific hosts.

Software Defined Perimeter & SD-WAN

Organisations with multiple sites and data centers used to rely on site-to-site VPN or expensive MPLS / fibre connections. With SD-WAN organisations can interconnect sites, cloud services & data centers with cloud-first centrally managed firewalls which provide increased visibility and security controls. They can also optimise connections to reduce the cost of physical infrastructure.