Gartner Report on Remote Browser Isolation: A Year Later

It’s been a year since Gartner released its report on remote browser isolation. At the time, the report was forward thinking—controversial even—as it suggested that enterprises can no longer assume that their traditional detect-and-respond security strategy is enough to stop all web-based malware attacks. Analyst Neil MacDonald argued that enterprises should stop trying to detect every attack and instead focus on “containing the ability of the attacker to cause damage and reduce the surface area for attack.”

 

He went on to say that remote browser isolation was the ideal solution for doing just that, because it moves all web browsing activity out of the network and away from users’ devices to a remote location where malware can do no harm:

 

A remote browser isolates the user’s Internet browsing activity from the end user’s device and from the rest of the enterprise’s networks and systems. This effectively creates an “air gap” between inevitable attacks and the enterprise network, restricting the ability of an attacker to establish a foothold, move laterally, breach other enterprise systems, and exfiltrate data.

 

Now, a year later, web isolation is seen as an essential part of the enterprise cybersecurity strategy. Working together with the Secure Web Gateway (SWG), Data Loss Protection (DLP), and other security solutions, remote browser isolation fundamentally changes the way enterprises protect users, data, and critical business systems from web-based threats.

 

Menlo Security has been on the forefront of these seismic changes, leading the industry from an allow-or-block policy toward an isolate-or-block approach. In fact, Menlo was named a visionary in Gartner’s 2018 SWG Magic Quadrant because of our patented isolation approach.

 

We thought we’d take a look at the recommendations MacDonald outlined as key features in a remote browser isolation solution and compare them with Menlo’s current capabilities.

 

You know, just for fun.

 

Gartner Recommendation

Menlo’s Current Capabilities

Does not require a local client/agent.

Menlo requires no additional client, agent, or browser plug-in. It integrates with most popular browsers.

Uses an industry-standard web rendering engine that is kept up to date with changes in HTML5.

Menlo uses its patented ACR technology to ensure a seamless user experience.

Supports plug-ins, including PDF and Flash.

Menlo supports most major plug-ins.

Supports cloud SaaS applications such as Office 365 or G Suite.

Menlo treats all web traffic the same, including SaaS applications, and latency is imperceptible to the user.

Provides a remote viewer when users encounter file objects on the public Internet.

Menlo renders documents in read-only form. Active content such as Flash is rendered in HTML5.

Allows users to access native documents locally when appropriate and ensures that these files are rendered safely.

Menlo allows security teams to create custom policies that allow specific users to access native documents. These documents go through a robust screening process for viruses and malware. Infected files are quarantined in a sandbox.

Supports basic browsing features such as cut/paste.

Menlo supports web browsing features such as copy, cut, paste, and print.

Maintains and patches web servers as appropriate.

The Menlo Security Isolation Platform (MSIP) is hosted on AWS across multiple geographies for full disaster recovery.

Uses full VMs or containers for browser sessions.

Menlo uses containers and wipes them clean after each browsing session.

Restores each browser session back to a known good state for each new user session.

Menlo wipes the container after each browsing session.

Has little or no effect on bandwidth.

Menlo renders safe content in HTML, which does not impact bandwidth requirements for activities such as video streaming or pixel-by-pixel rendering.

Has a multi-tenant cloud architecture distributed geographically for global users.

Menlo Security’s Global Elastic Cloud provides high availability, auto-scaling, and bandwidth management that is completely transparent to the user. With more than 20 ISO27001 and SOC2-certified data centers worldwide, Menlo achieves 99.995% global availability with transparent and automatic failover between data centers.

Ensures high availability by avoiding a single point of failure.

Menlo Security’s Global Elastic Cloud provides high availability, auto-scaling, and bandwidth management. With data centers around the world, Menlo ensures that users are fully protected wherever they do business.

Automatically and transparently determines what content is rendered remotely and what content is rendered locally.

Menlo allows enterprises to set policies that dictate what web traffic is isolated. Policies can be set per user, group, or file type.

Includes SWG capabilities for traffic that isn’t remotely presented.

 

Menlo includes a robust SWG offering that detects and detonates malicious content in a sandbox. Gartner named Menlo a visionary in the 2019 SWG Magic Quadrant.

Protects users against web-based attacks from embedded links in email—even if the email client rewrites URLs as a security precaution..

All web content—including traffic originating from email—is isolated in the MSIP. This includes embedded links and attachments. Rewritten URLs don’t matter either. All content is isolated.

 

As you can see, Menlo hits nearly all the points Gartner recommended last year. The simple fact is that Menlo is the industry standard for remote browser isolation solutions. Why would you consider anything else?

*** This is a Security Bloggers Network syndicated blog from Menlo Security Blog authored by Menlo Security. Read the original post at: https://www.menlosecurity.com/blog/gartner-report-on-remote-browser-isolation-a-year-later