With Cloud based SaaS apps you have to be aware that API based security is a critical component of your security architecture. Learn why as Shannon Emmons, Sr. Product Manager at SonicWall, explains the ‘Agent Approach’ from an end-point perspective.
API based security is a big deal for SonicWall and is a part of many of their solutions. It is also a major thesis for RedZone as a part of cloud security moving forward. Listen to this brief video as Shannon and I discuss ATA security versus API based security. Buckle up and get some learning done.
RedZone Technologies’ goal is to help businesses secure their networks and keep their data safe. RedZone can help you minimize risk. Contact our team today: (410) 897-9494 | firstname.lastname@example.org.
Bill: If you could explain for everybody what is the difference is between an MTA approach security versus like API – and start in the cloud world.
Shannon: Sure, absolutely. So a couple of key differences. When you’re talking about an MTA based technology, typically you’re talking about an email security gateway, right? They sit in front of your exchange. Then they are just protecting email, which is fine, if that’s all you need. But, as we’ve moved to the cloud and we’ve moved to things like Office 365 that have multiple apps within that suite, you have a broader need, it isn’t just email. Yes, you need email protection. But you also need to protect your OneDrive.
I can’t tell you the amount of customers I talk to that when I ask them, ‘Do you know what’s in your OneDrive and how are you protecting it?’ They just look at me like a deer in the headlights – and that’s a scary place to be. You need to protect that data.
You’ve got your SharePoint, now you’ve got Teams coming in. Some of the key advantages of an API based technology is not only ease of deployment. We can actually onboard you – I think it’s like six questions, and when I demo it, it’s like four minutes. Now, if you want to read every single line on the permission screen when we give you the popups, it’s probably going to take a little bit longer. But you can get a good sampling and you’re getting onboarding and then you’re running your compliance scans already, within four minutes – which is huge. There’s no latency for your end users. It’s seamless to them. They don’t know it’s there because we sit within the SaaS app itself. There’s no agents on the end points. There’s no separate portal for them to log in to. However they’re logging into their SaaS apps today, they continue to do that.
So one of the ways that we leverage the SaaS providers, I think I mentioned this earlier, is everything that they scan, we pick it up or everything they scan and they pass as clean, we pick it up and then we continue scanning and then we scan it with our advanced protections. So the reduction in latency is because we’re API based, we’re really contained for the majority of the information within that same space, is huge. There’s no redirect of traffic that’s needed. There’s no changing of MX records as needed. We’ve used terms like CASB which is somewhat of a turnoff for people. We don’t, we’re not a broker so you don’t have to deploy a broker, you don’t have to deploy long on connectors. So CASB also typically don’t provide email protection from the security perspective.
They don’t necessarily claim to be a DLP solution either.
Bill: Just your broker, interrogating into wherever you’re going.
Shannon: Exactly, exactly. So being API based, although we don’t have to be to deploy. I don’t like to refer to us as a CASB. We took a holistic approach to protect not only just your email but also your other SaaS apps within that suite that you’re using. So we focus, which is not something that your MTAs can do and there’s also deployment overhead with MTAs and there are some key differences there.
Bill: It’s a nuance, but it’s a very important one.
Shannon: It is. It is because that protection space has expanded. One of the things that I would see in one of the very large enterprise customers I worked with is, as in most larger organizations they’re at IC admins or their security admins are typically segregated.
You have somebody who manages email, then you’ve got somebody who manages Box, somebody who manages the OneDrive and the other apps, cloud storage apps or whatever.
Shannon: What we didn’t want to provide was a disjointed situation, right? Not help the bolt-it-on approach to continue to proliferate. So we provide a comprehensive solution so you don’t have to piece together a bunch of packages. You don’t have to spend an hour and a half trying to figure out what to buy. You know your multiple IT admins can administer the same product. One vendor administers cloud storage, one administers email. You can do all that from within the same technology.
Bill: You also made a point that I think is important – that, like any product, some have the sort of legacy reputation, other than just being a firewall vendor. We had some good questions from the audience like, “Well don’t I have to be on your firewall project to do this?” What a great question and the answer was no, which was good.
Shannon: Yes, being API based, we don’t have any dependencies from the cloud app security perspective on any of our existing products. Clearly we want you to use them and you get a lot of value from using our capture security center with that single pane of glass by plugging in the different technologies and managing them from the same space. But for cloud app security, we have no other product dependencies. You just need to be using a SaaS app, like Office 365 or G Suite, or Box, or Drop Box-
Bill: Some of your other products work the same way. You can have a legacy investment in the firewall bed but might want to capture a client at your end points. Those can bypass the firewall and grow to the security center, which I found… Though it’s more powerful to tie it into the firewall. But you know, if they just bought the firewalls two months ago, you’re not going to get them off of it – at least for a little while.
Shannon: Right, right. Every customer is different and their business needs are different. Nobody is going out buying all new technology across their space in one day. It’s an evolution. So, as a customer whichever vendor you select, you get as many products as you can consolidate into a single platform for management and reporting and security effectiveness, the bigger benefit it is to you. Is it practical to think that every single one of our customers is going to have every piece of our technology? No. And so we want to give you that flexibility so that you can manage the products that you have in a solid, cohesive way. Then, if you are not happy with another technology, you can potentially replace them going forward and keep it all together in a really tightly integrated fashion.