FortiGuard CASB Service
Ensure Safe Access to SAAS Applications
Contact Us
Overview
The FortiGuard CASB Service – a dual-mode cloud access security broker (CASB) solution – provides security, scalability, and performance across SaaS applications, usage and data, using both inline and API-based CASB capabilities. The FortiGuard CASB Service is part of FortiSASE and Fortinet Zero Trust Network Access (ZTNA) solutions, offering cloud-delivered security to managed and unmanaged devices and locations.
API-based CASB (FortiCASB)
API-based CASB is a cloud-native cloud access security broker (CASB) service that provides visibility, compliance, data security, and threat protection for cloud applications. It enables deep inspection and policy management for data stored in SaaS and IaaS applications.
Inline CASB with ZTNA and SASE
The FortiGate ZTNA access proxy can be configured to act as an inline CASB by providing access control to SaaS traffic using ZTNA access control rules.
FortiSASE uses application control and SSL deep inspection to act as an inline CASB.
How the FortiGuard CASB Service Works
How CASB protects managed and unmanaged locations and devices
Managed location: When workers are at the office, the user request is traversed through the gateway which applies the right cloud security policy for accessing the app using the inline CASB.
Unmanaged location: When users are remote, both the inline and API CASB will be used to give protection to SaaS apps.
Managed user: Users who have FortiClient as part of ZTNA leverage inline CASB for app security.
Unmanaged user: Users with BYOD or no ZTNA/FortiClient client leverage API-based CASB for app security.
Fortinet Security Fabric Integrations
The strength of Fortinet's platform-driven approach is to enable coordinated workflows including response while customers benefit from a globalized network effect across Fortinet’s worldwide install base. The FortiGuard CASB Service portfolio is integrated into the following Fabric solutions:
Safe Access to SaaS Applications Across the Fabric
FortiGuard CASB Use Cases
Assess Risk
Evaluate application usage spikes to determine risk and ensure that corporate data is being handled safely.
Address Compliance
Use reporting for frameworks such as SOX, GDPR, PCI DSS, HIPAA, NIST, and ISO 27001 to provide visibility into policy violations for eventual remediation.
Prevent Data Loss
Defend against data breaches with a highly customizable suite of data loss prevention (DLP) tools, plus leverage a set of predefined compliance reports.
Malware Protection
Block malware from being uploaded or downloaded via SaaS applications and quarantine suspicious files.
Secure Non-Corporate Tenants
Specify the list of tenants that users are permitted to access with tenant restrictions. This can be enforced from managed and unmanaged locations.
Illuminate Shadow IT
Provide administrators with usage information for all sanctioned and unsanctioned (shadow IT) cloud applications to help enforce policy-based access controls.
Features and Benefits
CLOUD APPLICATION VISIBILITY
Discover cloud app usage, create a shadow IT report on cloud spend, and perform a risk assessment
DATA SECURITY
Protect data in motion and data at rest within cloud applications
COMPLIANCE
Leverage predefined reports for standards including SOX, GDPR, PCI DSS, HIPAA, NIST, and ISO 27001
TENANT MANAGEMENT
Control the productivity, privacy, compliance, and security of corporate and non-corporate tenants
THREAT PROTECTION
Detect account-centric threats and anomalies with user and entity behavior analytics (UEBA)
RISK MANAGEMENT
Expand visibility into risk trends and events, user insights and behaviors, and view severity statistics for data stored in SaaS applications and public cloud deployments
Resources
