CASB: Shifting to a new age of Cloud.
Traditional on-premises based security services are not effective with protecting data that moved to the cloud hence new cloud-focused mechanisms are needed. This need gave birth to cloud specialized access and security control mechanisms captured within Cloud Access Security Broker (CASB).
Versa’s CASB, offered as part of Versa Secure Internet Access (VSIA) product offering, protects cloud-based data and applications of an Enterprise while in transit or while at rest on the cloud.
Versa’s CASB provides inline API based, real time and out-of-band API based non-real time granular access control capabilities, addressing potential security gaps of an organization’s use of cloud services in a broad set of scenarios.
Versa’s CASB secures cloud services, enabling secure access to them from users both within and outside the traditional enterprise perimeter, and supports secure cloud-to-cloud access, providing a reliable, secure, omni-present and always up service to our customers.
Protecting data across multiple services.
CASB products and cloud services focus on a different problem space than that of on-premises security systems. It’s still the enterprise data while that is residing on a cloud service that belong to someone else. The 3rd party provided cloud-based data repository solutions and SaaS applications come with additional challenges of data access control by user, activity, file type, content and more.
Versa CASB delivered from Versa Cloud Gateways provides comprehensive and hiughly granular access and activity control for Enterprise users, as well as 3rd parties. Versa CASB functions run together with the rest of Versa SASE functions delivered from single OS, namely VOS. Versa’s CASB functions are managed by Versa’s rich policy engine that is part of Versa’s single policy engine which offers detailed access control capabilities based on user, application, application APIs, device, security posture and more parameters.
As a leading CASB vendor, Versa offers cloud-hosted security as a service as part of the single SASE portfolio. Versa’s SASE services are provided via global footprint of locations which enable Versa’s SASE functions, including CASB, to be provided close to customer premises (in Forward Proxy mode) and close to SaaS vendor PoPs (in Reverse Proxy mode). Enterprises can use the nearest or most convenient points of presence (POP) as an on-ramp to high-speed and secure SASE network fabric and for secure application access to the cloud infrastructure.
Enterprises can use Versa’s CASB functions running on Versa Cloud Gateways using Versa Client application as well as in clientless deployment modes.
Versa CASB Solution: True first packet auto-recognition to thousands of applications.
Versa customers can achieve the following by implementing CASB:
- Identify and manage all cloud applications in use (sanctioned applications as well as shadow and rogue IT)
- Enforce cloud application management policies in real time and in non-real time basis
- Create and enforce granular policies to govern the handling of sensitive information, including compliance-related content
- Encrypt or tokenize sensitive content to enforce privacy – when used together with Versa’s Network DLP
- Detect and block unusual account behavior indicative of malicious activity
- Integrate cloud visibility and controls with existing security solutions