What is Remote Browser Isolation (RBI)?
Remote browser isolation (RBI), also known as web isolation or browser isolation, is a web security solution designed to protect users from Internet-borne threats. By rendering Internet content in a sandboxed environment and delivering only the final rendered page to the browser, it protects against some malware embedded in web pages.
The Need for Isolated Browsing
Infected or malicious websites are a common way for cybercriminals to deliver malware to users. Phishing emails are a primary delivery vector for malware, and these emails commonly contain a link directing the recipient to a malicious web page.
When a user browses to a malicious page, code embedded in the page is run within the user’s browser. While most website code is legitimate, websites can also contain malicious code designed to steal user credentials or deliver malware to the user’s computer. Browser isolation can protect Internet users’ computers from being infected by malware delivered via the Internet.
How Remote Browser Isolation (RBI) Works
Delivery of malware via infected or malicious websites works because the user’s browser accepts and runs code from the site that the user is visiting. Remote Browser Isolation eliminates this in-browser code execution, protecting the user from malicious downloads.
Instead, the web page is processed within a browser hosted in the cloud. This browser is running in a sandboxed environment and can be disposed of when the user’s browsing session is complete, eliminating the risks associated with any malware downloaded to it during the user’s browsing session.
After this cloud-based browser has rendered or scanned a webpage, they deliver it to the user in some way, enabling the user’s browser to interact with it like they would a locally hosted webpage. This provides the ability to browse even potentially malware-laden sites on the Internet with much less risk.
Types of Remote Browser Isolation (RBI)
RBI systems are designed to scrub a webpage of malicious content before delivering it to the user. A couple of ways in which this is accomplished include:
- DOM Mirroring: Websites are composed of various types of content, some of which are riskier than others. A DOM mirroring isolation solution filters out certain types of content from a web page before forwarding the remainder to the user. This does not provide full isolation as the user’s browser still renders some content from the suspicious site.
- Pixel Reconstruction: The end result of the web page rendering process is a collection of pixels displayed on the user’s screen. This approach to browser isolation performs the complete rendering process on the remote browser instance, then sends the final image to the local browser for display. Since the user only receives an array of pixels and not the code that generates them, this protects against the potential for malicious code execution within the user’s browser.
Challenges of Remote Browser Isolation (RBI)
RBI has the potential to protect an organization and its users against some of the most common and dangerous vectors for cyberattacks. However, these solutions have their limitations, including:
- Latency: With RBI, all of a user’s browsing traffic is diverted through the cloud-based system before being forwarded on to them. This adds latency to the connection which degrades the user experience.
- Website Support: A pixel-based reconstruction solution runs code in a remote browser, and a DOM mirroring approach strips content from a page en-route to the user. For complex web pages, a remote browser may not be able to render it, and stripping content from it might break the site entirely.
- Incomplete Protection: DOM mirroring relies on stripping certain types of content from a webpage to render it safe for users. However, a sophisticated phishing page may be able to conceal malicious content as other types of content that the solution allows to pass through to the user.
- Expense: RBI solutions require all of an organization’s web traffic to be routed through and analyzed within the cloud. This can make these solutions expensive and difficult for organizations to deploy RBI across all employees.
Remote Browser Isolation with Polar Zone
Polar Zone, which is based on the segregation of users’ applications and browsers, isolates the organizations internal network from the Internet, and provides users with access to the Internet and the organization’s internal network while maintaining security.
- No need for extensive changes in the network infrastructure
- Decrease huge costs of creating isolated systems and networks with minimal flexibility to access the internal network and the Internet at the same time
- Prevent from malware/ransomware
- Protect the intellectual property ownership of the organization’s data