Remote Browser Isolation (RBI)
Web browsing has become a key tool for employees. However, the internet is full of threats such as phishing, malware, ransomware and zero-day attacks. Browsing is a serious security risk since browsers run website code on the local device. Malicious code can let cybercriminals onto the device, and from there, onto the network.
Since organizations can’t completely stop users from clicking malicious links, they typically block bad sites using a Secure Web Gateway (SWG).
The SWG can allow good sites and block bad sites, but what about sites that are new? IT Admins can prioritize security by telling the SWG to block new, uncategorized sites. However, with so many websites being created, this can make users unproductive and frustrated.
RBI protects against malicious sites by running activity remotely from the user’s device. RBI sends a safe version of the page to the device, so that malicious code cannot reach it and downloads can be blocked.
For uncategorized websites, RBI gives Admins a new option, ‘Isolate’, that allows end users to browse safely. This gives the best of both worlds: security and productivity.
RBI protects users when they’re on the web, without disrupting their productivity. It adds another layer of protection against web- and browser-based threats, protecting against new attacks not yet documented, new sites not yet categorized, and user error.
Cato RBI adds another way to protect against web-based threats
Cato’s Remote Browser Isolation (RBI) service provides secure browsing through a virtualization service that streams web pages safely to the user’s device. In-browser code is executed remotely, keeping users safe from threats such as ransomware and phishing.
Cato RBI is simple to use, giving admins another option for uncategorized sites. Alongside “Allow”, “Block” and “Prompt”, RBI adds an option to “Isolate”.
Cato RBI is also simple to set up. It is accessible in minutes with just a few clicks, unlike some competitors who require complex setup. Cato RBI requires no maintenance: there is nothing to install and nothing to patch.
Once activated, Cato RBI applies to all internet traffic from all edges. There is no need to configure in multiple locations or for different edges.
Cato RBI is flexible. While some vendors must send all traffic via RBI, Cato’s robust multi-layered protection (including IPS, Anti-malware, Next-Gen Anti-malware, CASB, and DLP) allows admins to choose which traffic to route through RBI.
Cato RBI protects you from hundreds of potential browser-related attacks on uncategorized sites, with less reliance on users to do the right thing. With Cato RBI you can improve your security posture in a few minutes, without impact on user productivity.
Good sites, you allow; bad sites, you block; for those in between, use RBI.
Cato’s RBI vs Other RBI solutions
Other RBI
Other RBI
Cato RBI
Cato RBI
Deployment
Other RBI
Slow and complex
Some RBI solutions require complex, time-consuming configuration. Some require deployment of Virtual Machines and setup of IP address, DNS and certificates. Some are third party solutions that need to be interfaced to the security platform.
Cato RBI
Fast and simple
Cato’s RBI is accessible in minutes with just a few clicks. It does not require configuration and works out of the box. Alongside “Allow”, “Block” and “Prompt”, admins simply have a new option to “Isolate” uncategorized pages.
Management
Other RBI
Complex
Some RBIs require ongoing maintenance, patching and upgrades. Third party RBI integrations may involve separate contract, billing, management and support.
Cato RBI
Simple
Cato’s RBI requires zero maintenance. There is nothing to install and nothing to patch. It is a seamless part of the Cato service.
Security
Other RBI
Less secure
Some RBIs use Document Object Model (DOM) mirroring. They strip out risky page elements, which means they still send code to the browser, and they can miss well-hidden malicious code.
Cato RBI
More secure
Cato’s RBI renders web pages safely to the user’s device as a stream of pixels. In-browser code is executed remotely, and downloads are blocked, keeping users safe.
Breadth
Other RBI
Limited
Some RBIs need to be configured separately for different locations or edges.
Cato RBI
All edges
Cato RBI applies to all web traffic from all edges. There is no need to configure in multiple locations or for different edges.
Scope
Other RBI
Inflexible
RBI vendors that don’t offer other protections must send all traffic via RBI.
Cato RBI
Flexible
Cato’s robust multi-layered protection (including IPS, Anti-malware, Next-Gen Anti-malware, CASB, and DLP) allows admins to choose which traffic to route through RBI, keeping users both productive and safe.
Other RBI
Cato RBI
Deployment
Slow and complex
Some RBI solutions require complex, time-consuming configuration. Some require deployment of Virtual Machines and setup of IP address, DNS and certificates. Some are third party solutions that need to be interfaced to the security platform.
Fast and simple
Cato’s RBI is accessible in minutes with just a few clicks. It does not require configuration and works out of the box. Alongside “Allow”, “Block” and “Prompt”, admins simply have a new option to “Isolate” uncategorized pages.
Management
Complex
Some RBIs require ongoing maintenance, patching and upgrades. Third party RBI integrations may involve separate contract, billing, management and support.
Simple
Cato’s RBI requires zero maintenance. There is nothing to install and nothing to patch. It is a seamless part of the Cato service.
Security
Less secure
Some RBIs use Document Object Model (DOM) mirroring. They strip out risky page elements, which means they still send code to the browser, and they can miss well-hidden malicious code.
More secure
Cato’s RBI renders web pages safely to the user’s device as a stream of pixels. In-browser code is executed remotely, and downloads are blocked, keeping users safe.
Breadth
Limited
Some RBIs need to be configured separately for different locations or edges.
All edges
Cato RBI applies to all web traffic from all edges. There is no need to configure in multiple locations or for different edges.
Scope
Inflexible
RBI vendors that don’t offer other protections must send all traffic via RBI.
Flexible
Cato’s robust multi-layered protection (including IPS, Anti-malware, Next-Gen Anti-malware, CASB, and DLP) allows admins to choose which traffic to route through RBI, keeping users both productive and safe.