Gartner Report on Remote Browser Isolation: Menlo Security’s Continued Validation
In October 2018, Gartner released a report on remote browser isolation. It ruffled feathers a bit throughout the cybersecurity industry by suggesting that enterprises can no longer assume that their traditional detect-and-respond security strategy was enough to stop all web-based malware attacks. Analyst Neil MacDonald argued that enterprises should stop trying to detect every attack and instead focus on “containing the ability of the attacker to cause damage and reduce the surface area for attack.”
The best way to do that, MacDonald suggested, was through remote browser isolation.
Since then, the importance of remote browser isolation as part of a multi-layered cybersecurity strategy has been more widely accepted. In fact, remote browser isolation gets a well-deserved shout-out in Gartner’s most recent Magic Quadrant for Secure Web Gateways. As a result, Menlo Security is named as a Visionary and moved the most of any vendor in the MQ, improving in both Completeness of Vision and Ability to Execute.
The Power of Remote Browser Isolation
Browser isolation gives enterprises a secure and reliable web security approach that provides security teams with the visibility and control they need without impacting the user experience. Designed to thwart modern cybersecurity threats, remote browser isolation gives enterprises the protection they need to keep users and the organization safe—enabling a Secure Cloud Transformation journey.
When added to a cloud proxy such as a web-based secure web gateway (SWG), remote browser isolation also provides enterprises with the visibility and control security teams need to effectively enforce policies and conduct post-event analysis. As mission-critical workloads continue to migrate to the cloud, it’s increasingly important that enterprises are able to monitor and control how Internet traffic flows to users’ devices—wherever they are. Remote browser isolation also preserves the native browsing experience.
The Ideal Solution: Menlo Security Cloud Platform
The punch line is that the Menlo Security Cloud Platform is the only isolation-based SWG solution that acts as a true cloud proxy and meets all these requirements. According to the Gartner MQ, “[Menlo] is a good choice for enterprises with a high priority on security.” And that assessment makes sense. I mentioned it before, but it warrants repeating: Menlo is placed in the Visionary quadrant and moved the most of any vendor, improving in both Completeness of Vision and Ability to Execute. We’re also the only private held company in the MQ, allowing us to focus on solving the cloud security problem rather than worry about shareholder value.
Given the updated MQ and Menlo’s Visionary status, let’s take another look at the recommendations MacDonald outlined as key features in a remote browser isolation solution in his report in October 2018. We can then compare them with Menlo’s current capabilities.
Gartner Recommendation | Menlo’s Current Capabilities |
Does not require a local client/agent. | Menlo requires no additional client, agent, or browser plug-in. It integrates with most popular browsers. |
Uses an industry-standard web rendering engine that is kept up to date with changes in HTML5. | Menlo uses its patented ACR technology to ensure a seamless user experience. |
Supports plug-ins, including PDF and Flash. | Menlo supports most major plug-ins. |
Supports cloud SaaS applications such as Office 365 or G Suite. | Menlo treats all web traffic the same, including SaaS applications, and latency is imperceptible to the user. |
Provides a remote viewer when users encounter file objects on the public Internet. | Menlo renders documents in read-only form. Active content such as Flash is rendered in HTML5. |
Allows users to access native documents locally when appropriate and ensures that these files are rendered safely. | Menlo allows security teams to create custom policies that allow specific users to access native documents. These documents go through a robust screening process for viruses and malware. Infected files are quarantined in a sandbox. |
Supports basic browsing features such as cut and paste. | Menlo supports web browsing features such as copy, cut, paste, and print. |
Maintains and patches web servers as appropriate. | The Menlo Security Cloud Platform is hosted on AWS across multiple geographies for full disaster recovery. |
Uses full VMs or containers for browser sessions. | Menlo uses containers and wipes them clean after each browsing session. |
Restores each browser session back to a known good state for each new user session. | Menlo wipes the container after each browsing session. |
Has little or no effect on bandwidth. | Menlo renders safe content in HTML, which does not impact bandwidth requirements for activities such as video streaming or pixel-by-pixel rendering. |
Has a multi-tenant cloud architecture distributed geographically for global users. | Menlo Security’s Global Elastic Cloud provides high availability, auto-scaling, and bandwidth management that is completely transparent to the user. With more than 20 ISO27001 and SOC2-certified data centers worldwide, Menlo achieves 99.995% global availability with transparent and automatic failover between data centers. |
Ensures high availability by avoiding a single point of failure. | Menlo Security’s Global Elastic Cloud provides high availability, auto-scaling, and bandwidth management. With data centers around the world, Menlo ensures that users are fully protected wherever they do business. |
Automatically and transparently determines what content is rendered remotely and what content is rendered locally. | Menlo allows enterprises to set policies that dictate what web traffic is isolated. Policies can be set per user, group, or file type. |
Includes SWG capabilities for traffic that isn’t remotely presented.
| Menlo includes a robust SWG offering that detects and detonates malicious content in a sandbox. Gartner named Menlo a Visionary in the 2019 SWG Magic Quadrant. |
Protects users against web-based attacks from embedded links in email—even if the email client rewrites URLs as a security precaution. | All web content—including traffic originating from email—is isolated in the cloud platform. This includes embedded links and attachments. Rewritten URLs don’t matter either. All content is isolated. |
As you can see, Menlo hits the points Gartner recommended 2018. The simple fact is that the Menlo Security Cloud Platform is the industry standard for remote browser isolation solutions. Why would you consider anything else?
Download the 2019 Gartner Magic Quadrant for Secure Web Gateways (SWG) to learn why Menlo Security is best positioned to eliminate web-based threats and empower organizations of any size to complete their Secure Cloud Transformation journey.
*** This is a Security Bloggers Network syndicated blog from Menlo Security Blog authored by Mehul Patel. Read the original post at: https://www.menlosecurity.com/blog/gartner-report-on-remote-browser-isolation-menlo-securitys-continued-validation
