Professional Documents
Culture Documents
Secure Cloud
Transformation
Adopt SaaS applications and manage
large increases in traffic volumes without
sacrificing security.
• Elastic cloud security • Deploy local Internet breakouts for seamless access—Users access
platform that autoscales SaaS applications over the Internet, which is backhauled to a central
location and controlled by a comprehensive security stack. This
• Local Internet breakout
process introduces latency and bandwidth bottlenecks that result in
to improve end-user
poor end-user experience. The best architecture for SaaS applications
experience
is to send a user’s traffic directly using local Internet breakouts.
• Cloud-based visibility for
• Reclaim data and traffic visibility—As users go directly to the Internet,
data loss prevention (DLP)
enterprises lose control and visibility of their traffic. As a result, a
and SaaS visibility
cloud-based DLP and CASB visibility solution is required so that
identical policies and protection can be applied whether the user is in
the main office, working from home, or traveling.
The Cloud Changes How Data Flows Into and Out of the
Organization
Secure Cloud Transformation breaks the traditional hub-and-spoke network
architecture model that funnels all Internet traffic through a central security
control point. With the traditional architecture, users accessing new web apps
and SaaS platforms log on from around the world, creating a major latency
issue if traffic needs to be routed through a central control point. Enterprise
users change the SaaS applications they use over time, which can also change
traffic patterns. Office 365, in particular, can be problematic because it can
result in more than 20 persistent connections per user—which can overwhelm
existing hardware appliances and cause network performance issues. These
changes in traffic volume and traffic patterns make it increasingly difficult for
your existing network stack (next-generation firewall, secure web gateway, etc.)
02 | www.menlosecurity.com
WHITE PAPER
www.menlosecurity.com | 03
WHITE PAPER
But not all Internet isolation technologies are created equal. Here are four
requirements that organizations need to consider when selecting an isolation
technology for Secure Cloud Transformation:
1. Clientless Deployment
The beauty of moving critical business systems to the cloud or subscribing
The Menlo Security Cloud
to a SaaS platform is that the management burden on IT is greatly reduced.
Platform provides a single,
It is up to the cloud provider or SaaS vendor to keep the application and
controlled port of entry
underlying infrastructure up to date. Reinserting another management
and exit between users
touchpoint into the mix would completely wipe out that benefit. A clientless
and the Internet.
solution, on the other hand, means that there is no client to deploy, install,
and update on endpoint devices, and employees are guaranteed to be using
the latest version with no gaps in upgrade policies.
3. Scalability
You need to protect users no matter where business takes them—and that
could be anywhere around the world or to the far reaches of the Internet.
A clientless, cloud-based Internet isolation solution should have a global
footprint that covers users in other regions. It needs to be elastic—ebbing
and flowing in real time to meet growing requirements. It needs to protect
users from uncategorized websites without restricting access to those sites.
And it needs to provide the level of performance your users expect from
their browsing and email experiences.
04 | www.menlosecurity.com
WHITE PAPER
The Menlo Security Cloud Platform puts a shield around all websites and
online content so malware and other web-based threats can’t access users’
devices. It doesn’t matter if users visit a suspicious site or download a
malicious document. Menlo Security allows only safe or read-only content to
be rendered to users’ browsers—keeping organizations safe without impacting
user productivity.
Contact us
menlosecurity.com
(650) 614-1705
ask@menlosecurity.com