2024 Global Cyber Confidence Index

Arrow pointing right
ExtraHop Logo
  • Productschevron right
  • Solutionschevron right
  • Why ExtraHopchevron right
  • Blogchevron right
  • Resourceschevron right

Featured

Technology Partner

Netskope

Security

Performance

Unprecedented visibility into your Security Service Edge (SSE) environment

Overview

Expand global visibility into all traffic

Feed traffic packets between users, offices, and the Netskope One platform to RevealX for network analysis and visibility

Gain real-time visibility into network traffic crossing your Netskope Intelligent SSE environment. RevealX captures packet data on every interaction in near real-time to clearly identify where problems lie, speed resolution, and improve the user experience.

Challenges

Lamenting the loss of visibility with SSE?

Maintaining zero trust and regulatory compliance requires visibility into all network traffic

SSE and Secure Access Service Edge (SASE) solutions are well-suited to address the dynamic anywhere, anytime needs of a modern digital business and its hybrid digital workforce. But they do have limitations.


Historically, SSE environments have created blind spots. SSE providers create secure tunnels for data to traverse between users, branch offices, and their cloud-based security service. They accomplish this by blocking access to the data flowing through those tunnels.


But to maintain zero trust, security and IT teams need visibility into all network traffic, across each security domain, including cloud, hybrid, and on-premises environments. But with SSE, they may create workarounds to get this visibility, like using less reliable, recreated models of the traffic or deploying heavy-handed endpoint solutions that may degrade network performance, and have negative effects on SLAs and productivity. Or worse, they entirely forgo visibility into this traffic.


Gaps in an organization’s zero trust architecture due to lack of visibility can lead to hefty fines for non-compliance in highly-regulated industries. Threats can go undetected in encrypted traffic that’s otherwise authenticated, giving attackers longer dwell times to orchestrate more sophisticated campaigns, like ransomware.


In an era when cyberattacks are becoming harder to detect, outages can come from unexpected culprits, and operational resilience is becoming a regulatory imperative – gaps in visibility are unacceptable.

Solution

RevealX and Netskope

Built-in integration for ubiquitous visibility

Every interaction between users, applications, shared services, and backend systems is underpinned by traffic on the network.

ExtraHop receives a copy of network traffic from Netskope Cloud TAP, and analyzes it alongside other data feeds to clearly identify where problems lie, speed resolution, and improve the user experience.

Key Benefit:

Zero Trust End-to-End

ExtraHop uncovers threats hiding in encrypted traffic by decrypting traffic out-of-band. Data-in-transit stays encrypted and protected with TLS 1.3 and Perfect Forward Secrecy (PFS) until it reaches its final destination. Because it analyzes a copy of network traffic, the original communication is never impacted or slowed.


Extrahop & Netskope SSE diagram

Use Case

Preserve evidence for forensics and compliance

Solution

ExtraHop offers a range of options to store records, including 30-, 90-, or 180 days of storage and access with Standard Investigation. Working with the scalable PCAP repository, responders can perform forensic investigation with a deep level of network visibility.

Benefits

Speed up intruder eradication and strengthen operational resilience.

“The integration between ExtraHop and Netskope enhances our customers’ visibility into network traffic and security events. This collaboration allows for near real-time threat detection and response, ensuring that our clients can proactively address potential security issues before they escalate.”

John Martin Chief Product Officer, Netskope

Associated content