Transcript
My name is Michael Ferguson, better known as Fergo. I'm the Director of Security Transformation here at Netscope, and I'm really excited to showcase some of the capabilities of this Netscope One platform, a unified SASE platform for any device. And what this allows us to do is to manage our workdays in the way that we want to. So for myself, I like to start the day at the gym, and that doesn't mean I'm not going to get emails whilst I'm at the gym. So I need to be able to access my phone and make sure that I can do my job. And that means having a Netscope client that is sitting on every single device, whether it's laptops, desktops, but also smartphones, Androids, iOS, or even Chromebooks. So everything is going to be covered and connected. And that means that when I go to my emails, I can receive any email, and I can be protected from any potential malicious malware. Or if I get an email with a link inside of this, I'm actually going to make sure that if it's a malicious file, I can block this. But maybe if it's an uncategorized or newly registered URL, what I can do is put that through the remote browser isolation environment. So as I click on this, it opens up in the browser. But because it's a newly registered domain or it's an unknown risk to me, you can see this little border around the actual browser window, which indicates that that is now in an isolated environment. That means that whilst I can see it, it's making sure that there's no passive or active downloads from that particular website, keeping this device nice and safe. Now, another key feature that I'd want is to be able to connect to any of my private applications. So there are still some applications that are sitting inside of data centers, whether they're ours or in the public cloud, and I need to be able to access them. So you can see here that URL is a private application. It's a private IP address. But that doesn't mean I don't need to sometimes be able to access this and download certain files and view what's happening inside of here, and I can see an actual file. Then I might want to take this and share that file up through a social media application. But because all of this traffic is being sent from this device through that Netscope unified client to the Netscope cloud, I can have a single policy structure that says, should that type of data be allowed to move to a certain type of social application or a certain type of application? So I can see here that that's not allowed. I can't take this confidential file to a social media app, keeping me safe and keeping this information safe. Okay, and another thing I'd want to do is see with this file, I want to be able to upload that to a cloud storage application. So what I can do is I can click on this, select the Google Drive icon, and I can actually select a personal instance of that application. As I try to upload this, we can see that this is blocked. This is prevented from being uploaded to the wrong place. Now, if I take this and move this to my corporate Netscope instance, you can see immediately that it's actually allowed, and I can move that file to the right location. So it's making sure that we are moving the files and the information from any device to the right destinations based on the policy structure inside of your Netscope One tenant. I think that's enough of the gym. I'm going to go back to the office now. We'll pick up later. To showcase how the Netscope One's able to provide you with ultimate visibility and protection, I'm going to now look at my corporate laptop and how it has, again, that Netscope client that is able to steer any website, cloud application, private application through to the Netscope Cloud. But in the same way I was able to look at the different instances on my phone, the Netscope's patented Zero Trust engine is able to look at the different activities that I'm doing in those applications as well. So if I go to one of these apps, let's go to my corporate Google Drive. What I'm going to do here is I'm going to right-click, and you can see here that there's a lot of options that are available of what I might want to do inside of this application. That means that I can maybe delete, edit, create. They're all different activities inside this application. Netscope's Zero Trust engine has the ability to look at over 100 different activities in these various applications, and it has the ability to provide hyper-context, which means if I try to share this file to a Netscope user, this is absolutely fine. If I try to share this now to a Gmail user, you'll notice the pop-up that comes up and educates me that I'm not able to share these files to a non-corporate or non-Netscope user. That's using that Netscope Zero Trust engine to really demonstrate this. Now, the next thing I might want to do is go, well, maybe I don't want to use the corporate Google Drive. Maybe I want to use an application that I've been familiar with that I use at home. Let's say in this case it could be WeTransfer, but there's plenty of PDF converters that are out there or personal file-sharing applications. Netscope's Cloud Confidence Index is a huge library of applications that is able to tell me which applications are of a higher risk. Now, I don't want to stop my users going to these applications because they might want to assess the use of future applications, Expensify or Canva. There's just a whole world of SaaS out there. But I would want to put in place some controls on what they could do inside of these applications. So in this case, I'm going to try and upload a file to a non-corporate application, an application that I deem is having a higher risk to me. And as I do this, you'll see that what happens is I get, again, a pop-up that says, hey, Virgo, this is an unsanctioned application and perhaps we might want to use a more corporate or safer application, something that we've assessed. In this case, we're sending it back to the corporate Google Drive. So it's providing an education to our users so that they are completely covered regardless of what application they're using. Now, the next thing I might want to do is say, well, I still have my old trusty USB stick here. So maybe what I want to do is see if I can move that file over to a corporate, over to that USB stick. But because the Netscope 1 unified client is covering not just external internet traffic with SaaS and web, but also looking at USBs and printers so that I can make sure that this information isn't able to move to the wrong locations, even to a physical destination. Now, from that, I might go, okay, well, how about I try and, you know, I don't need to move the physical file. I'm going to just take a quick screenshot of that file. So if I take this screenshot, what I can then try and do is see if I can just send the image. So most technologies will not be able to look at the text inside of the image or understand the context of what that image is. Netscope has a machine learning engine that has built classifiers specifically for this type of data. It covers things like NDAs, merger and acquisition documents, but also images like passports, driver's licenses, whiteboard images, and screenshots. So again, as I try to move this file, this screenshot file, I get a pop-up. That's because the machine learning engine detects that there's a screenshot, and then the OCR can look at the actual text in there and say, that's a screenshot of sensitive information. Using those two things together, keeping our data nice and safe. Now, of course, I'm starting to get a bit frustrated now. So what I'm going to try and do is use a Tor web browser. This is a web proxy anonymizer, something that usually tries to bypass traditional types of web proxies. And what it uses is non-standard ports as opposed to 80 and 443 to try to get around these traditional applications. So what I'm going to try and do here is connect. But you'll see that the unified Netscape 1 client steers all ports and protocols through to that Netscape cloud where it has a cloud firewall where we can explicitly state these applications that use specific ports would be allowed, but anything that doesn't, and you can see here now, Tor could not connect to Tor because that traffic was not explicitly stated as an allowed firewall application. Now, what we want to do here is say, okay, well, there's other ways that we can move files to cloud applications. Some applications have a thick client. So inside of Slack, you can see it's an application that sits on my desktop, but it's still a cloud application, and Netscape doesn't really mind if it's through a browser or this thick client. It could be sync clients or thick clients that we're using to move our data or access our information. So as I try to connect to a corporate instance of Slack, using this application, I can move the file across, and you can see it's nice and successful. That's the corporate instance. But again, if I try and do this on a non-corporate instance, this time to some colleagues at a third party, I get exactly the same pop-up, making sure that it doesn't matter what device you're using, what applications you're using. Netscape is going to provide you with that ultimate visibility and protection in any location. Actually, what I can see here is a OneDrive link from a colleague, but unfortunately, just based on the time here, I'm going to have to try and take a look at this when I'm outside the office. So whilst I might now be in the airport lounge, my workday hasn't finished. So I want to continue to be protected in any location. So I'm now connecting to the airport lounge Wi-Fi, and the Netscape client has established that connection and is able to protect me regardless. So I remember I've got that third-party instance of Slack where I received a link from my colleague providing me access to a OneDrive account. I go, okay, I want to take a look at this. Netscape is aware that 50% of malware is now being delivered via trusted cloud applications, so it becomes really important that we are able to decrypt all of this traffic where other vendors might want to bypass this because they feel that they might want better performance on those applications. With Netscape One and its new edge architecture, you're not getting a performance trade-off. So we can actually perform that TLS decryption on all this traffic, and as I click this link, you can see that that file is then being scanned with our static analysis, our heuristic file analysis, and our sandbox to ensure that that file is prevented from being downloaded to my machine. Now what I want to try and do is see if I can actually get that file that I was trying to exfiltrate from my phone and maybe move that to my corporate OneDrive account. And as I do this, actually, it says that I've got poor behavior. It's time to improve my behavior. What does that mean here? Well, Netscape One provides over 100 different user behavioral analytics policies that are applied against every single user in the organization, giving them a score out of 100. We look at different behaviors, whether it's insider threat, compromised credentials, to try to determine if that user's account can be trusted, and then we can embed that number, a particular threshold, into our policies so that if I dip below a certain threshold because I've been trying to exfiltrate data across different exit points or downloading malware, it now pivots and prevents me from accessing these applications. So what I'm going to do is try and open up a help desk case and see if I can get somebody to help me on this. And what they're saying is they need my TeamViewer number so that they can make an inbound client access request. So this is something that traditional SSE technologies or ZTNA technologies will struggle with because they make an outbound connection. They establish a connection to their application, and that would mean that you would have to have a secondary VPN client on the device as well. With Netscape One, you have a unified SASE client, which means that for certain applications, in this case TeamViewer, my help desk can make an inbound request and connect in and help me regain access to my applications. It is a single unified platform, giving my users the best user experience, giving me complete visibility and protection in a single client and a single policy structure. That's the power of Netscape One.