What is Web / Browser Isolation
The technology essentially is a mini browser environment. It does all the web browsing on behalf of the user and then renders the content back to the end user. This way the actual user’s client browser just sees a rendered screen rather than all the native web content it would if it was connected directly to the server. The value is that by isolating the browsing and doing it for the user, the system can restrict bad content from reaching the end users system.
As per Kaspersky, users browsing the internet opens the enterprise to signiﬁcant risk. Kaspersky estimate that 98% of external information security attacks are carried over the public internet, and that 80% of these attacks are targeted directly at end users using web trafﬁc or malicious URLs.
Symantec also releases its study about browser vulnerabilities.
Gartner releases its report on remote browser isolation in 2016. As per Gartner documents (ID: G00315285), almost all successful attacks originate from the public internet, and browser-based attacks are the leading source of attacks on users. Information security architects can’t stop attacks but can contain damage by isolating end-user internet browsing sessions from enterprise endpoints and networks. Documents suggested that enterprises can no longer assume that their traditional detect-and-respond security strategy is enough to stop all web-based malware attacks. (also read – Myths about Malware Infections and Protection)
Remote browser isolation was conceptually ideal solution for doing just moves all browsing activities out of the network and away all malware/ harm to a remote location from the user’s machines.
Remote browser isolation is the most effective way to protect your users against web based cyber-attacks. A remote browser isolates the user’s Internet browsing activity from the end user’s device and from the rest of the enterprise’s networks and systems. This effectively creates an “air gap” between inevitable attacks and the enterprise network, restricting the ability of an attacker to establish a foothold, move laterally, breach other enterprise systems, and exfiltrate data.
Nowadays enterprises looking for web isolation on their cybersecurity strategy. The web isolation should be capable of working Secure Web gateway, Data Loss protection and other security solutions. Web isolation entirely changes the way the enterprises handles the threats of an enterprises.
Web isolation is a new architectural approach executes webpages on isolated browsers and mirrors the rendering to the end user’s machine. The dual-engine approach uses the browser’s Document Object Model (DOM) with Adaptive Clientless Rendering (ACR) or Pixel ACR to ensure an optimal user experience.
This eliminates malicious drive-by attacks and provides techniques that minimize the risk of downloaded files and password theft. The isolation-based solution can be delivered on-premises or from the AWS cloud.
The web isolation platform can build inside the DMZ of the premise or on the cloud. There are vendors whose provide the web isolation services from the public cloud like AWS. (also read – Multi Cloud Security Technology Requirements)
Remote browser services / isolation removes the act of internet browsing off of the end user’s device and into a remote server, either on-premises in the demilitarized zone (DMZ) or delivered as a cloud-based service. In the spirit of people-centric security, the user is still empowered and enabled to browse the public internet, but attacks are kept isolated in the remote browser sessions. The end-user machine browser can see only the rendered data.
We can see the Gartner recommendations and use cases in next blog article.