The Importance of CASB And Its Limitations

It’s been over two years since I introduced the Gartner-defined SASE (“sassy”) to my CW readers – in that time the world has changed somewhat, but the requirement for an intensified, integrated secure network platform has only got stronger and stronger. Witness what is happening with the world right now and where and when government-led cyber crime might enter the building (or nuclear power station) and that requirement intensifies all the more.

Throughout these years, another Gartner concept, CASB (Cloud Access Security Broker) has been popularised as a means of providing a solution for security solutions designed to address the challenges created by shifting workloads to the cloud. Some have seen this as a solution in its own right – but it is not. At best, CASB could be described as a subset of what true SASE (see previous blog entries) provides. What it hinges upon is the new potential wave of threats that are created when adding cloud-based networking to the IT infrastructure. Trad security solutions were designed for OnPrem/private deployments. Sticking apps and data in the cloud provides, not just a new back door option for attackers, but a whole wall of sliding patio doors and French windows to unlock (assuming you remembered to lock them all in the first place).

So, logically, if you move to a hybrid environment, CASB provides the bridge for companies to adapt to those potential new threats from the cloud, while also reducing the in-house workload and inherent complexity that such a model brings with it. While – as ever – definitions vary from vendor to vendor, there are some fundamental elements to a CASB solution generally identified as: threat protection, data security, compliance and visibility. In each case, it is designed to deal with the cloud element of said security component; for example, compliance becomes a whole different ball game when cloudy data sovereignty is added into the equation. And how do you see what is going on in the cloud with tools designed to manage OnPrem/private network traffic? Basic data access mechanisms change, the attack surface increases… yes – the cloud brings a whole new weather front of security storm forecasts to the IT table.

In other words, CASB has validity. However, it is only a part of the total network solution and overall strategy. Speaking with Cato Networks recently about its recent incorporation of CASB into its increasingly mature (in a good way 😊) SASE platform, it really starts to make sense. Here’s the point: you have a security infrastructure that is based on a portfolio of products that you have spent a lot of money and time on integrating (with partial success usually the best effort scenario here). And, in terms of money spent, we are talking CapEx, OpEx, training, re-training (when staff leave), rejigging that portfolio when some products are “end of lifed” or simply fall short (or the vendor disappears or is acquired by an unwanted 3rd party…). And that’s just securing what is within your control/remit. Add in the cloud and that brings in all the potential problems described earlier. So, you add in a CASB solution to handle these new problem areas and – how do you get that CASB solution talking to your partially successful security portfolio investment?

A quick demo with Cato’s current platform showed just how you go about managing that hybrid scenario – bring it all together under one system, one management console and view EVERYTHING as one. Yes, you can see the source of the data and apps, including the cloud, but you don’t have to swap between systems and consoles, spend days and months ingesting separate data feeds from a gazillion different syslogs using yet more expensive 3rd party products, by which time the network has been hacked several times anyway…

For more on the portfolio versus platform discussion, feel free to dip into this ‘ere blog wot talks about the debate in more detail:

https://www.catonetworks.com/blog/new-gartner-report-explores-the-portfolio-or-platform-question-for-sase-solutions/

In the next blog I’ll drill down into more of the features I observed during the demo, which will put the meat on the bones of this high horse I’m standing on (which at least hasn’t fallen when clear at the last as mine did at the recent Cheltenham festival).

Cloud – the panacea for all networking ills; yeah, right…