Symantec announced Tuesday its new cloud access security solution to help secure cloud and internet access and use in an enterprise environment.
Symantec’s latest solution innovations, part of the Integrated Cyber Defense Platform, enable enterprises to enforce consistent Zero Trust security policies for users accessing SaaS applications, corporate applications in IaaS environments, cloud-based email, and the internet.
Zero Trust access security gives authorized users access only to the network and cloud resources they need to accomplish tasks and strictly enforces data security and threat prevention polices.
In addition to access controls, the solution provides unique visibility and content scanning capabilities, allowing enterprises to enforce consistent DLP policies on information being sent to cloud and web destinations, and threat inspection for content downloads. Additional integrations with Symantec VIP for multi-factor authentication and Symantec Web Isolation for enhanced threat prevention further extend the solution.
“Traditional network perimeters are dissolving as cloud technologies change the way we work. Symantec understands the need for a Zero Trust approach, which reduces emphasis on perimeter-based security and focuses on providing the right secure access to employees regardless of location or device,” said Art Gilliland, EVP and GM, Enterprise Products, Symantec. “Symantec has a powerful cloud and internet security portfolio, and we continue to innovate and integrate to help our customers improve security in the evolving landscape, all while reducing cost and complexity.”
New solution capabilities include:
SaaS Application Security – CloudSOC Mirror Gateway uses Symantec Web Isolation capabilities to deliver a robust set of Cloud Access Security Broker (CASB) security controls for unmanaged devices, covering all modern SaaS applications. Additionally, new integrations in CloudSOC CASB Gateway enable granular policy controls throughout a cloud session based on adaptive multi-factor authentication via Symantec VIP or solutions from Symantec TIPP partner Okta.
IaaS Application Security – Content uploaded or downloaded to corporate applications deployed in IaaS and other environments can be inspected with Symantec DLP for enforcement of information security policies, as well as antivirus and sandboxing technologies for threat prevention. These capabilities are available in Symantec Secure Access Cloud, based on technology Symantec acquired from Zero Trust pioneer Luminate in February 2019. The service uses a Software Defined Perimeter (SDP) approach to provide a simple and secure way to give users access to only the specific corporate applications and resources for which they are authorized, regardless of where they are deployed. In addition to the new content scanning features, the service now also includes multi-factor authentication capabilities to enable continuous risk-based identity verification.
Web & Internet Security – New integrations and device support have been released for the Web Security Service, Symantec’s cloud-delivered network security service securing employees’ web and internet access and use. The service now integrates with Secure Access Cloud, enabling sharing of web sessions and authenticated user information to simplify the operation and use of the services. Additionally, Web Security Service has expanded support to include Windows 10 and Chromebook devices.
Email Security – The isolation of suspicious email attachments has been added to Email Security.cloud’s existing embedded link isolation capability. Combined with link isolation, this integrated approach insulates users from email threats such as phishing, ransomware, and account takeover.