CASB is a security solution that acts as an intermediatory between Users and Cloud service provider. CASB helps mitigate the gaps left by cloud service providers in their IaaS, PaaS or SaaS offerings.
CASB helps organizations to control cloud security policies from the comfort of office because it can be an On-premise (hardware or software) OR in-cloud (SaaS) offering.
CASB offers enhanced visibility, data security and threat protection through enforcement of fine-grained policies along-with follow-up action(s) and compliance.
CASB can be deployed in-line (forward or reverse proxy) or in API mode.
In-line mode:
Here CASB sits in-between the Users and Cloud provider and acts as gateway for all in-bound and outbound traffic. This deployment mode provides centralized control of data request and threats, however, can also act as bottleneck for large enterprises due to high volume of traffic going back and forth.
API mode:
In this deployment model CASB is integrated with cloud apps via API and can tune-in to the requests and responses. This prevents the bottleneck situation but can only protect SaaS or PaaS (to certain extent) services and leaves out IaaS to be managed separately.
Comments