Symantec Corp. announced its new cloud access security solution to help secure cloud and internet access and use in an enterprise environment. These enhancements and integrations across Symantec’s network security portfolio further position Symantec as the only security provider to offer an integrated cloud-delivered solution that lessens operational costs and complexity, while lowering operational risk.
In today’s business environment, there is a tremendous volume of enterprise network traffic directed to the cloud and internet. Regardless of the location or the device, users need direct, always-on access to cloud resources in order to be productive. And IT organizations need a simple, cost-effective means to ensure employee access is secure to all of the company cloud and internet destinations.
“Traditional network perimeters are dissolving as cloud technologies change the way we work. Symantec understands the need for a Zero Trust approach, which reduces emphasis on perimeter-based security and focuses on providing the right secure access to employees regardless of location or device,” said Art Gilliland, EVP and GM, enterprise products, Symantec. “Symantec has a powerful cloud and internet security portfolio, and we continue to innovate and integrate to help our customers improve security in the evolving landscape, all while reducing cost and complexity.”
Symantec’s latest solution innovations, part of the Integrated Cyber Defense Platform, enable enterprises to enforce consistent Zero Trust security policies for users accessing SaaS applications, corporate applications in IaaS environments, cloud-based email, and the internet. Zero Trust access security gives authorized users access only to the network and cloud resources they need to accomplish tasks and strictly enforces data security and threat prevention polices. As such, it is an effective way to secure the enterprise as it moves to the cloud.
In addition to access controls, the solution provides unique visibility and content scanning capabilities, allowing enterprises to enforce consistent DLP policies on information being sent to cloud and web destinations, and threat inspection for content downloads. Additional integrations with Symantec VIP for multi-factor authentication and Symantec Web Isolation for enhanced threat prevention further extend the solution.
“Users want anytime, anywhere access to the applications and corporate resources that allow them to quickly accomplish their tasks, but IT and security professionals need to protect them, and the corporation, from the business risks associated with enabling a direct-access model,” said Doug Cahill, senior analyst and group director, Enterprise Strategy Group. “Symantec’s secure access solution, part of its Integrated Cyber Defense Platform, is the right approach to keep users secure and productive while significantly reducing risk.”
New solution capabilities announced today include:
SaaS Application Security - CloudSOC Mirror Gateway (patent-pending) uses Symantec Web Isolation capabilities to deliver the industry’s first robust set of Cloud Access Security Broker (CASB) security controls for unmanaged devices, covering all modern SaaS applications. Users now have real-time, in-line security controls over the use of public cloud applications from any device. Additionally, new integrations in CloudSOC CASB Gateway enable granular policy controls throughout a cloud session based on adaptive multi-factor authentication via Symantec VIP or solutions from Symantec TIPP partner Okta.
IaaS Application Security – Content uploaded or downloaded to corporate applications deployed in IaaS and other environments can be inspected with industry-leading Symantec DLP for enforcement of information security policies, as well as antivirus and sandboxing technologies for threat prevention. These innovative capabilities are available in Symantec Secure Access Cloud, based on technology Symantec acquired from Zero Trust pioneer Luminate in February 2019. The service uses a Software Defined Perimeter (SDP) approach to provide a simple and secure way to give users access to only the specific corporate applications and resources for which they are authorized, regardless of where they are deployed. In addition to the new content scanning features, the service now also includes multi-factor authentication capabilities to enable continuous risk-based identity verification.
Web & Internet Security – New integrations and device support have been released for the Web Security Service, Symantec’s cloud-delivered network security service securing employees’ web and internet access and use. The service now integrates with Secure Access Cloud, enabling sharing of web sessions and authenticated user information to simplify the operation and use of the services. Additionally, Web Security Service has expanded support to include Windows 10 and Chromebook devices.
Email Security – The isolation of suspicious email attachments has been added to Email Security.cloud’s existing embedded link isolation capability. Now users can verify that the attachment is both genuine and safe before it is released into their environment. Combined with link isolation, this unique, integrated approach insulates users from email threats such as phishing, ransomware, and account takeover.