![]() With a CASB, a software agent installed on a user device forwards traffic to an inspection point in the cloud, which applies real-time security policies to foster safe connections with cloud-based resources such as SaaS apps and IaaS platforms.Īs the adoption of SaaS apps and remote work increases, using a CASB’s cloud-based forward proxy mode (as opposed to a firewall or a proxy appliance, on-premises or deployed virtually) can be a powerful way to protect an organization’s managed devices. Increasingly, discussions of forward proxies go hand in hand with talk of cloud access security brokers (CASBs), cloud security tools that can be deployed in forward proxy mode. Appliance-based firewalls, with inherent processing limitations, can’t handle a high volume of encryption without adding latency (however, a cloud firewall can). As most of today’s traffic is encrypted, it’s critical to have visibility into it, but the process of decrypting, inspecting, and re-encrypting traffic is compute-intensive. While not a direct comparison of proxy to firewall, it’s worth noting that a cloud-based forward proxy can also inspect encrypted traffic. A proxy, on the other hand, doesn’t forward traffic until its contents have been through an authentication process and determined to be safe. ![]() If the traffic is found to be unsafe, the firewall sends an alert-but it can be received too late.Traditional firewalls use a passthrough approach, forwarding traffic to the intended recipient while its contents are still being inspected. ![]() Compared to firewalls as a means of protecting systems from outside threats, a forward proxy differs in two key ways: ![]()
0 Comments
Leave a Reply. |