Current State of Internet Threats and Isolation Technologies

Threats from the Internet have gone beyond malicious pranks and are now developing into criminal activities aimed at economic gain. Attackers are constantly researching the detection technology of security products and looking for ways to evade detection by security products, so even if security solutions such as antivirus and Box are installed, malware can invade. There are many cases where it is lost.

Conventional security products are developed based on the idea of detecting and blocking harmful information coming from the web. detection omissions)”.

"Network isolation" is a defense that escapes from such a "cat and mouse game." The basic idea behind network isolation is that instead of using detection technology to detect whether something is harmful or harmless, even if there is a threat in the first place, it should be possible to maintain the safety of the endpoint by rendering it harmless.

In the past, there was a method of physically separating business terminals and Internet connection terminals, but there were many problems such as convenience and operating costs. After that, VDI, which virtualizes the desktop, and technology that uses a virtual browser appeared, and organizations and companies that emphasized security began to introduce them.

Network isolation solution that balances usability and security

Public institutions such as regulatory agencies and IPA (Information-technology Promotion Agency) recommend network separation, and many companies are considering introducing it. Some solutions simply perform pixel mirroring (screen transfer), which transfers screen information as an image. Such products have slow scrolling response speeds and increase traffic due to image transfers. In addition, since the display on the screen is not text, there are cases where the usability is affected, such as the inability to continue using plug-ins or the inability to copy and paste.

"Menlo Security" solves the usability problems found in such existing solutions. Menlo Security is a SaaS-type network isolation solution that transfers only safe rendering information that does not contain active content or malware to the user via the isolation platform "Menlo Security Isolation Platform", but it tends to be a network isolation solution. Instead of generating transfer information on the server side, the patented technology "ACR (Adaptive Clientless Rendering)" acquires and executes web content on behalf of the endpoint web browser. Therefore, it realizes "network separation with high usability" that does not impair usability without css layout collapse.

Menlo Security Isolation Platform (MSIP)

Mechanism of detoxification treatment using patented technology ACR

Menlo Security achieves the same web representation and operability as usual

Hirahara Ikuma of Macnica Cyber Security's 3rd Sales Department, an agent for Menlo Security, emphasizes the significance of introducing Menlo Security, saying, "Menlo Security provides the same operability as a normal browser, such as copy and paste of content such as videos and animations, and text, as well as right-click display. In addition, by introducing Menlo Security to companies that implement web access control using a whitelist system that only allows safe sites, users can access a variety of sites with peace of mind without restricting destinations, improving convenience."

In addition, Mr. Yoshinao Ozawa, Director of Menlo Security, talks about the operation management side as follows.

“Existing security solutions raise an alert every time a threat is detected, which also increases the operational management burden on the person in charge. The purpose is to deliver to the browser.Therefore, there is no need for real-time confirmation and analysis of threats in the first place.I think that this alone will greatly reduce the workload of IT personnel in day-to-day operation management."

Thorough detoxification using patented technology

ACR's content sanitization process is thorough. It has a mechanism in which the original content sent from the web server does not reach the user as it is.

For example, even if some kind of invisible malicious code is embedded in document files, images, video data, etc., all content is rendered harmless and safe so that it does not reach the user in its original form. guaranteed. The Menlo Security Isolation Platform's virtual container is also refreshed each time the connection with the user's browser is terminated, so there is no risk of infection via the container.

Menlo Security can be deployed by any company

Menlo Security's solution is available on a per-user basis with an annual subscription license. There are many users who use multiple terminals such as PCs, smartphones, and tablet terminals for their work, but since it is provided on a per-user basis, even if the number of devices increases, it will not lead to an increase in costs. In addition, since it uses an existing browser, it can be used on Mac, Linux, etc., regardless of the OS, as long as it is a terminal that can access the Web.

Although Menlo Security is a SaaS-type solution, it has sufficient resources for processing power on the cloud side, so even organizations with a large number of users can handle it without problems. One organization has a track record of handling 25,000 users in Japan and 100,000 users globally.

In addition, by changing the proxy and firewall settings within the organization and routing only communication from specific users to Menlo Security, it can be introduced only for some departments and positions such as accounting and executives, and trial verification in the IT department Compared to other security products, it is easier to start with a small start by taking advantage of the characteristics of the SaaS type to perform security.

Macnica 's Hirahara says, "When it comes to network isolation solutions, usability is an important consideration, but that can't be determined by simply comparing a list of features. We want you to try it out with actual users and check whether it reduces the comfort of web access." Macnica offers free licenses for trials. Companies that want to realize secure web access should definitely take advantage of these opportunities.

Reprinted from: ITmedia