Symantec has extended the individual capabilities of its various cloud security gateways as part of an effort to make cloud security easier to manage.
Gerry Grealish, head of product marketing for cloud and network security at Symantec, said each Symantec cloud gateway is optimized for a specific use case. New capabilities being added to the various gateways include:
- Support for real-time, in-line security controls over the use of public cloud applications from any device using the CloudSOC Mirror Gateway. That capability makes it possible to apply policy control via a cloud access security broker to both managed and now unmanaged devices. The CloudSOC CASB Gateway also can provide multi-factor authentication via integration with Symantec VIP tools or identity management software and service from Okta.
- The Symantec Secure Access Cloud, based on technology Symantec gained by acquiring Luminate earlier this year, has been integrated with Symantec data loss prevention (DLP) software, in addition to providing support for multifactor authentication capabilities and continuous risk-based identity verification.
- The Symantec Web Security Service has been integrated with Symantec Secure Access Cloud, enabling the sharing of web sessions and authenticated user information across the two gateways. The Web Security Service gateway also has expanded support to include Windows 10 and Chromebook devices.
- The Symantec Email Security gateway now can isolate suspicious email attachments, which has been added to an existing embedded link isolation capability.
Grealish said more customers are acquiring gateways to address a range of cloud security concerns in a manner that is more extensible than acquiring a series of point products. Symantec currently is not close to converging the control planes for each of these cloud gateways, but plans to bring together elements of those control planes if doing so makes sense, he said.
At the same time, Grealish noted that each of those gateways exposes an application programming interface (API) that makes it possible to include them within the context of a larger set of DevSecOps processes.
Regardless of requirement or how it is invoked, Grealish said Symantec is committed to making it easier for organizations to secure clouds. Most cybersecurity teams don’t have a lot of visibility into what applications are being deployed in the cloud or how they are being accessed. The Symantec cloud gateway approach makes it easier for cybersecurity teams to rely on a gateway that can be adjusted to adapt to new use cases involving, for example, endpoint devices that are not owned by the organization.
In the meantime, Symantec is betting that over the long haul, more organizations will want to reduce the friction associated with acquiring and maintaining isolated cybersecurity point products. As the capabilities of each Symantec cloud gateway continue to expand, the need for additional third-party offerings declines. That approach reduces the total cost of security by also reducing the number of vendors with which a cybersecurity team needs to engage.
It remains to be seen whether any one of hundreds of cybersecurity startups will eventually supplant incumbents such as Symantec. But Symantec doesn’t plan to sit back idly without putting up a substantial fight.