Book a FREE consult now

We'd love to give you a full tour of our solutions.

Book a FREE consult

Published on:

September 30, 2024

Understanding Two Ways to Set Up CASB (Cloud Access Security Broker)

1. Proxy-Based CASB:

  • A proxy-based CASB is like a middleman sitting between users and cloud services (like SaaS providers).
  • It acts as a checkpoint, inspecting and modifying the data that goes through it.
  • This setup can encrypt data, and track user activities like logins or use of certain features.

Two Types of Proxies:

  • Forward Proxy: Known to the user’s browser, it sends traffic through the CASB.
  • Reverse Proxy: Works invisibly, catching traffic on its way to the service.

How It Works:

  • Imagine you want to use a cloud service. Normally, you’d connect directly to it.
  • With a proxy CASB, your connection first goes to the CASB, which then talks to the cloud service for you.
  • The CASB can add security measures like encryption or block certain actions.

Advantages and Disadvantages:

  • Advantage: Flexibility. It can work with many different cloud services.
  • Disadvantages: It can slow down internet traffic, there are decisions about where to place it, and handling secure internet sessions (TLS) can be tricky.

Note on TLS:

  • Normally, TLS protects your browsing from eavesdroppers.
  • A CASB might need to break into this protection to do its job, which requires careful security decisions.

2. API-Based CASB:

  • Instead of operating at the level of HTTP/HTTPS, this CASB uses the cloud service’s own tools (APIs) to add security.
  • It works directly with the cloud service’s system, not the data traffic.

Advantages and Challenges:

  • Advantage: No issues with managing internet sessions or secure connections.
  • Challenge: These CASBs are specific to each cloud service. What works for one might not work for another.

Written by:
Henk Jelt Hoving
Book a demo now

We'd love to give you a full tour of our NaaS solutions.

Book a demo now

SASE SD-WAN

What are the types of Internet Access?

Read article

What are the Security Challenges of 5G Networks?

Read article

How is a site survey conducted for Internet Access?

Read article

Can't find the answer?
Ask us directly.

We've build a huge library with all there is to know about IT networks and security. If you're looking for some deep information, than this is the place to be.
Reach out to us

What we promise

Monthly trails & demos
You're always up-2-date
We're here to help, 24/7
We're always down to business
Ask and we'll answer
Seamless site integration
Simple solutions for big problems
Monthly trails & demos
You're always up-2-date
We're here to help, 24/7
We're always down to business
Ask and we'll answer
Seamless site integration
Simple solutions for big problems