Remote browser isolation (RBI), a virtual browser technique, provides an additional security layer against threats originating from web browsers. RBI helps you reduce the attack surface by separating user browsing activities from endpoint hardware.
Here is how the process typically works:
A user attempts to access a web application or page.
Remote browser isolation technology takes a zero trust approach, and does not implicitly trust any website. It moves all Internet activity into an isolated environment, ensuring a safe web browsing experience. Gartner reports that by 2022, 25% of businesses will adopt browser isolation technology, and that RBI can reduce attacks on end-user systems by as much as 70%.
RBI solutions allow businesses to manage remote access to corporate networks, and secure unmanaged devices when accessing Internet resources. When users access the Internet through a remote browser application, they view web content over a secure channel, typically only the visual representation of web pages, without accessing files or executing code in the local environment. If a malicious link is opened in an isolated environment, it will not affect the employee’s system.
RBI can protect organizations from known and unknown web-based threats such as ransomware, zero-day attacks, and drive-by-download attacks. RBI not only protects web browsers from attacks, but also prevents disclosure of sensitive user data and browser history that attackers can use for malicious purposes.
RBI solutions can provide a wide range of capabilities, depending on the type of isolation enabled. Here are several functionalities any RBI solution should provide:
When an RBI is asked to create an isolated browser instance, it first needs to authenticate the user. Once the user is authenticated, the solution can load the profile permissions, preferences, and settings of the user, and create the browser accordingly. There are solutions that use a cache to enable users to log in without having to constantly input their credentials.
There are several ways to create an isolated instance: as a container, a virtual machine (VM), or a sandbox. During normal operations, the solution shuts down the instance when the user ends the session.
Several responses are initiated when the solution detects a threat. First, the instance attempts to eliminate the threat. If the instance becomes compromised, the solution shuts it down and deploys a new instance (including all tabs that were open during the session).
Here is what the RBI solution should do during a remote browser session:
The main functionality provided by RBI systems is streaming remote browser data to a local endpoint. To achieve this, RBI solutions need to do the following:
Cybersecurity policies help you efficiently manage RBI. You can use a cybersecurity policy to whitelist trustworthy web applications, as well as content that can be rendered on devices. You can also use policies to specify user permissions, defining who can access certain types of content or URLs.
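One way to express the policy evaluation described above (an added example, not code from any RBI product). The `Rule` fields, the three outcomes (`allow`, `isolate`, `deny`) and the sample hosts and groups are assumptions made for illustration.

```python
from dataclasses import dataclass
from urllib.parse import urlsplit


@dataclass(frozen=True)
class Rule:
    domain: str               # allowlisted application host (subdomains included)
    groups: frozenset         # user groups permitted to reach it
    local_types: frozenset    # content types that may render on the device


# Constructed sample policy; hosts and group names are placeholders.
POLICY = (
    Rule("docs.example.com", frozenset({"staff", "contractors"}),
         frozenset({"text/html", "image/png"})),
    Rule("example.org", frozenset({"staff"}),
         frozenset({"text/html", "application/pdf"})),
)


def host_matches(host: str, domain: str) -> bool:
    """Exact host or a subdomain on a label boundary, never a bare suffix."""
    host = host.rstrip(".").lower()
    domain = domain.lower()
    return host == domain or host.endswith("." + domain)


def evaluate(url: str, user_groups: set, content_type: str, policy=POLICY) -> str:
    """Return 'allow' (render on device), 'isolate' (remote browser) or 'deny'."""
    try:
        parts = urlsplit(url)
        host = parts.hostname  # ignores any userinfo placed before '@'
    except ValueError:
        return "deny"  # malformed URL: fail closed
    if parts.scheme not in ("http", "https") or not host:
        return "deny"
    media_type = content_type.split(";", 1)[0].strip().lower()
    for rule in policy:
        if host_matches(host, rule.domain):
            if not rule.groups & set(user_groups):
                return "deny"  # the user lacks permission for this application
            return "allow" if media_type in rule.local_types else "isolate"
    return "isolate"  # zero trust default: unlisted sites are never trusted
```

Matching on the parsed hostname at a label boundary keeps look-alike hosts that merely contain an allowlisted name from inheriting its trust.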
The main purpose of RBI is to secure browsing and prevent threats. To do this, the RBI solution needs to come with threat detection capabilities, which enable the solution to monitor for threats and suspicious activity. Once the RBI system detects a threat, it needs to sanitize the content and then send the sanitized content to the user.
RBI solutions rely heavily on content mirroring. This can negatively impact the bandwidth of users and the remote instance. To ensure positive user experience and optimal performance, RBI solutions need to balance the load. Here is how:
Multi-tenancy helps RBI systems to maintain high availability for users across the world, generally improve bandwidth and load management, and improve scaling.
The user’s endpoint device interacts with a remote browser isolation service, which manages a number of containerized or virtualized browser instances. The RBI service also facilitates communication between this browser and the Internet. Finally, the RBI service delivers rendered web content back to the endpoint device.
There are two primary techniques used to stream content from cloud-based browsers to end-user devices:
Another element of RBI systems is a remote file viewer that allows users to view files like Microsoft Office documents or PDFs without having to download them. The remote browser may offer the option of downloading files to the user’s local device in a controlled manner, after scanning and verifying the files are safe.
Each of the two RBI techniques we detailed above has its unique challenges.
Challenges of pixel pushing
Challenges of DOM reconstruction
Here are some important considerations when evaluating remote browsers for your organization:
Polar Zone, which is based on the segregation of users’ applications and browsers, isolates the organization’s internal network from the Internet, and provides users with access to the Internet and the organization’s internal network while maintaining security.