CASB Application Filter

About CASB in Forward Proxy

CASB provides granular visibility and control over user activities and risk-based assessment of cloud application usage. Integrate your forward proxy access logs with CASB’s cloud registry for comprehensive analytics, anomaly detection and reporting. Skyhigh cloud registry provides a catalog of >35k categorized cloud services which are classified with >65 security attributes. Trough dynamic service groups, built from the cloud registry, you can enable your forward proxy to block access to non-secure or non corporate cloud apps based on categories, reputation or apply granular risk attribute-based application control. Skyhigh CASB not only integrates to Skyhigh Security SWG but also to other vendor proxy equipment.

CASB Services Overview CASB Services Overview

Extend On Premise Capabilities with CASB

In this lab we will extend the capabilities of our hybrid deployment with CASB for Shadow IT. CASB is natively integrated with Skyhigh SSE Cloud for all web application traffic filtered by the forward proxy components. From your SWG appliance you can forward anonymized and filtered access logs to SSE-CASB via the Skyhigh Cloud Connector for Shadow IT analytics and retrieve dynamic service groups for granular attribute-based application control as subscribed lists.

In our lab we will demonstrate the CASB capabilities based on the logs generated from cloud proxy earlier in this workshop. The cloud connector is not (yet) integrated into our workshop infrastructure.

Hybrid CASB Architecture Hybrid CASB Architecture

Lab Objectives

  • Explore the Skyhigh Security Cloud Registry
  • Configure a Shadow IT Service Group
  • Integrate the Service Group into SWG filtering