What is a Cloud Access Security Broker (CASB)?
A CASB provides enterprises with a critical control point for the secure use of cloud services across multiple cloud providers software as a service (SaaS) apps are becoming pervasive in enterprises, A CASB can consolidate multiple types of security policy enforcement security policies enforced by a CASB include authentication, single sign-on, authorization, credential mapping, device profiling, encryption, tokenization, logging, alerting, and malware detection and prevention.
A CASB has multiple use cases for the enterprise:
BEHAVIOR ANALYTICS & THREAT PROTECTION
Oracle CASB provides a robust built in incident management functionality. This ensures that any alert that is generated by CASB is tracked and appropriate action taken. Additional integrations with incident management solutions such as Service Now are also provided.
Oracle CASB helps detect misconfiguration of various OCI components such as:
Further, with Smart Policies, customers benefit from the abundance of security expertise built by experts. These policies are automatically turned off for each customer to ensure predictable and consistent security across all OCI resources.
A Tour of the Oracle CASB Cloud Service Console:
Get familiar with the major screens and the functions they provide in the Oracle CASB Cloud Service console.
- Incident Management Provider
- Administrator Management
- Threat Intelligence Provider
- SIEM Provider
- Risk events
- Threat Management
- Manage IP Addresses
- Policy Management
How CASBs work:
There are two key ways that a CASB can work. It can be set up as a proxy - either a forward or a reverse proxy - or it can work in API mode using cloud providers' APIs to control cloud access and apply corporate security policies. Increasingly CASBs are becoming "mixed mode" or "multi-mode," using both proxy and API technology. Both of the approaches have its own pros and cons.
A forward proxy can be used for all types of cloud applications and all data passes through the proxy, but to use a forward proxy you need to install self-signed certificates on every single device that accesses the proxy. This can be difficult to deploy in a distributed environment or one with a large number of employee-owned mobile devices.
A reverse proxy system is easier in that respect because it is accessible from any device irrespective of the location, without the need for special configuration or certificate installation. The drawback is that a reverse proxy can't work with client-server type apps, which have hard-coded host names.
API-based systems are also easy to deploy. However, there is a drawback and that is the range of cloud applications. These systems work adequately with limited resources because not all cloud applications provide API support Proxy or API architectures. The CASB has ability to perform different actions with various implications as how it delivers the four pillars of the specific cloud service.
About Vast Edge - Simplified Cloud Solutions
Founded in the year 2004, Vast Edge is a leading IT Consulting Company and Global Service provider of Business Intelligence, big data analytics, cloud ERP, IoT platform, enterprise backup, and disaster recovery, Blockchain, Cassandra, AI/ML, and Integration solutions. We perform Application modernization, follow continuous change management, and implement advanced practices while working on the key areas of enhancing methodologies of project development.
Get a Free Assessment from our cloud experts.
We will get in touch with you soon.