SASE Series #3 Remote Browser Isolation (RBI)?

SASE Series #3 Remote Browser Isolation (RBI)?

Definition of Remote Browser Isolation (RBI)

Remote Browser Isolation (RBI) is a web security solution designed to protect users from threats originating from the internet. RBI is also known as web isolation or browser isolation. In short, RBI is done by rendering internet content in a sandbox environment and sending only the final rendered page to the browser. This process protects the device and the user from some malware embedded in web pages.

3 Types of Browser Isolation

Apart from Remote Browser Isolation, there are 2 other types of Browser Isolation namely On-Premise Broser Isolation and Client-side/local Browser Isolation. Here is a brief explanation of all three:

  • Remote Browser Isolation runs in a cloud-hosted sandbox – an isolated test environment – separate from the organization’s internal environment.
  • On-premises browser isolation works like RBI, but is hosted as part of the organization’s internal IT environment
  • Client side/local browser isolation runs on user endpoints in a virtualized sandbox and deletes browsing data after the session

How Remote Browser Isolation works

  • User attempts to access potentially malicious web content
  • This web content access request is evaluated against a predefined policy, and if there is a match, the platform will create an isolated browser session
  • The platform connects to the content and loads it into the remotely isolated browser
  • The rendered web content is streamed to the end users’ native browser as pixels through the HTML5 canvas.

2 Types of Remote Browser Isolation

RBI is further divided into two types based on how it checks web pages for malicious content before delivering them to users, namely:

DOM Mirroring

Websites consist of different types of content, some of which are more risky than others. DOM Mirroring filters certain types of content from a web page before passing the rest to the user. This solution does not provide complete isolation as the user’s browser still renders some content from suspicious sites.

Pixel Reconstruction

Implementing this solution, the end result of the web page rendering process is a collection of pixels displayed on the user’s screen. Pixel Reconstruction performs the complete rendering process on the remote browser instance, then sends the final image to the local browser for display. Since the user only receives the pixel array and not the code that generated it, this protects the user from the potential execution of malicious codes within the user’s browser.

The Importance of Browser Isolation

Along with the times and technology, more and more employees are doing mobile work from anywhere. They mostly do their work through the internet. Often, employees are connected to the internet almost constantly. While being connected almost all the time keeps them productive, it also poses risks.

Cyberattacks, such as phishing, acquire targets through the user’s web browser. Some phishing behaviors include serving malvertising, clickbait that can lead to malicious content, browser-based trojans, and more. Once the user’s browser connects to these phishing sites, cybercriminals can launch their actions because access has been opened to the user’s machine, and eventually to the user’s network.

Blocking high-risk websites can be done through firewalls. However, the block list does not take into account unknown threats. And the list of allowed browsers (allowlist) will frustrate company employees with restrictions. Traditional network security measures are not designed for today’s cloud and open internet. This is why companies need RBI.

Keep in mind, RBI is not network security. By placing user browser sessions in an isolated sandbox in the cloud, it ensures cyber threats such as ransomware and other malware cannot enter the corporate network through compromised web pages.

Benefits of Remote Browser Isolation

  • Enables secure access to web content by isolating users from web applications to deliver secure rendering of accessed web content, without the need for agent endpoints on each device
  • Protects sensitive data from targeted attacks hidden in web pages, downloadable web content and vulnerable plugins – so data is not lost
  • Eliminates the threat of data exfiltration by preventing web pages from compromising endpoints even if browsers contain vulnerabilities or install insecure plugins
  • Allows for more open internet policies that minimize policy complexity, reduce risk, and give users more leeway when it comes to web browsing

Remote Browser Isolation challenges and pairing solutions with Zero Trust

Despite its many benefits, the implementation of RBI services also has some disadvantages. This is because sandboxing a high volume of browsing sessions, and streaming sessions to users tends to result in high latency, high bandwidth consumption, and high costs.

For this reason, an effective RBI blends perfectly with the Zero Trust security architecture approach. Zero Trust RI extends the definition of Zero Trust to everything users do on the internet and in Saas and private applications. Enterprises don’t have to choose between speed and security because native integration with a cloud-delivered security stack provides unlimited scale and bag flexibility.