Symantec this week announced several improvements and integrations aimed at bolstering its approach to secure access in the cloud.
The Cloud Access Security Solution, part of the company’s Integrated Cyber Defense Platform, is designed to address security issues in the cloud, on the web and in email. The goal, according to Symantec, is to offer customers an integrated suite of solutions that enforce zero trust security policies across all cloud-based environments.
The combined solution, which integrates products from a host of acquisitions, is extremely comprehensive, said Rob Westervelt, a research director at IDC.
“They are combining technologies they acquired from Bluecoat, Illuminate and Fireglass with the rest of their portfolio: DLP, rights management, automation encryption and endpoint protection,” he said.
One of the most significant parts of the announcement is designed to improve application security in the cloud. It combines the CloudSOC Mirror Gateway with web isolation capabilities from Fireglass to create a set of cloud access security broker (CASB) security controls for applications in the cloud, accessed by any device. It also allows organizations to apply and enforce granular policy controls.
“If you have an application that is extremely critical, you can use the Mirror Gateway to basically create a mirrored copy in an isolation portal,” Westervelt explained. “Because they are working on a mirrored copy of the application in isolation, nothing can really break, and it’s much more difficult for an attack to be carried out.”
Westervelt said the solution has a lot of promise and solves important security issues, but Symantec has yet to prove that the solution scales.
Another important part of Symantec’s Cloud Access Security Solution protects data uploaded or downloaded to an organization’s applications deployed in cloud-based infrastructure. The solution, based on technology from Luminate, which it acquired in February, allows the content to be inspected with Symantec’s DLP tool, as well as antivirus and sandboxing technologies.
The Luminate acquisition, a huge enabler of the infrastructure-as-a-service (IaaS) solution, was a critical one for Symantec, Westervelt said.
“CISOs—even those who work in Symantec shops—often tell me they are using Zscaler’s remote access solution to access cloud resources as an alternative to VPN because it’s easier and solves the issue of bring your own device [BYOD],” he said. “And that’s all they were using Zscaler for. Symantec’s solution in this area now does almost the exact same thing.”
In addition to the software-as-a-service (SaaS) and IaaS parts of the Cloud Access Security Solution, Symantec announced more minor advances in the web and internet security arena and the email security arena.
Westervelt said this announcement is an important one, both for Symantec and its customers. Not only does it bring critical components together under the same umbrella, but it does so in a way that can reduce complexity and cost for customers.
“The cool thing is that they aren’t just announcing that they have integrated new technology with what they already have,” he said. “They have built on top of it. The Secure Access Cloud piece itself is an integration coupled with Symantec’s VIP Secure Access, which means that if there is a perceived issue, you can step up the authentication and push out a challenge.”