Solved

CASB and DLP over NGSWG

  • 4 June 2023
  • 6 replies
  • 159 views
F
Rank
Badge +8

What are the limitations of CASB in NGSWG (Next-Generation Secure Web Gateway), and what are the limitations of DLP (Data Loss Prevention) in NGSWG? Additionally, what is the difference in functionality when purchasing only advanced DLP with NGSWG, and what are the use cases and benefits if one opts to purchase advanced CASB with NGSWG?

Meaning i am the customer who buys NGSWG next year i buy only the advance CASB what are the use cases or what more granular control i get with this also same goes for DLP vice versa.

icon

Best answer by msouza 15 June 2023, 15:09

View original

6 replies

msouza
Rank
Userlevel 2
Badge +15

Hi @farhan 

I guess there might be a confusion here. When you say "Advanced CASB", what are you referring to? 

 

Marcelo Souza
W
Userlevel 3
Badge +11

@farhan I think i understand.  A sales engineer could explain it to you or you can ask to speak to a reference company.

CASB refers solely to the 3,000 (or so) worldwide applications that Netskope calls "Cloud Applications".  For a percentage of those, Netskope has defined within a webpage what login, upload, download, post, etc looks like.  So you apply a DLP policy to those activities.  You "Steer" to any/or all of those applications.  Note that certain desktop applications are by default "Bypassed" as steering them will break the application.  So you have to decide whether you are going allow that or not, or utilize APIs to get to enterprise versions of that application (Dropbox is an example)

 

In  NGSWG (Next-Generation Secure Web Gateway)  you "steer" all 443 or 80 traffic through Netskope.   IF Netskope does not have a built in recognition of an activity (again, upload/download/form post) then you can take their webpage recorder, do the activity, tease out what the upload/download looks like electronically in web traffic, describe in your tenant for that application what the activity looks like in a browser, then attach a DLP policy to that activity and application.

 

I would guess that @msouza is trying to anderstand what you mean by "Advanced DLP for CASB" because there is no difference between DLP for CASB and DLP for NGSWG other than the total # of websites that can be covered.  @msouza is cleared to correct me.

 

There is a difference in the Threat Protection options available for CASB vs. NGSWG, you should have Netskope explain that to whomever is interested in your company.

msouza
Rank
Userlevel 2
Badge +15

@wilson thanks for your answer. 

So yes, you are correct. Adding to that, we have what is called Cloud Inline (CASB features for inline/real-time steered traffic) and NG-SWG. The main difference between than is that NG-SWG also support non-SaaS apps (that is, "legacy" web traffic).

Anyway, DLP features are supported in both - for the SaaS Apps activities that we support, like Wilson mentioned. 

This might help: https://www.netskope.com/wp-content/uploads/2022/10/next-generation-secure-web-gateway.pdf

Marcelo Souza
F
Rank
Badge +8

Hi guys thanks for the reply my simple question is that If i have NGSWG Which is the combination of DLP + CASB so i want to know the Limitations of both DLP and CASB in NGSWG. When I introduce Advance DLP license to the customer. What use cases require to pitch that also same goes for CASB.

I guess API CASB license not included in NGSWG professional. Also same for threat protection.

msouza
Rank
Userlevel 2
Badge +15

CASB API is not part of NGSWG. It's a different product with different SKUs. 

NG SWG can be licensed with Standard / Advanced DLP, and Standard / Advanced Threat Protection.

This might help you understand the differences for DLP:

 

 

Marcelo Souza
F
Rank
Badge +8

Hi @msouza thankyou so much Netskope live community is great. Also as you said CASB-API is not part of NGSWG. So present CASB of NGSWG is used for Cloud apps visibility and CCI right? Activity control over cloud apps 

Reply


Terms & ConditionsCookie settings