Cato’s Remote Browser Isolation (RBI) protects users from falling victim to web and browser-based threats like ransomware, malware, phishing, malicious ads or cross-site scripting (XSS) by letting them access websites in an isolated and safe environment. RBI also provides control and visibility that meets compliance and regulatory requirements. Uncategorized or Unknown destinations, as well as destinations included in , are accessed in an RBI session without allowing direct browser connection or filesystem access.
For information about configuring the RBI service, see Configuring the RBI Service for Secure Web Browsing.
Cato offers enterprise-grade security with multi-layered protection. Cato already offers IPS, anti-malware, next-gen anti-malware, CASB and DLP that are designed to protect against a wider range of threats, including network-based attacks, malware, insider threats, external threats, and other types of malicious activity. RBI adds another security layer to ensure robust enterprise-grade security. RBI is specifically designed to protect against web-based and browser-based threats, such as phishing, cookie stealing and drive-by downloads.
RBI streams the visual output of the web pages from a remote server to the user's device; any code is executed remotely and doesn’t reach the actual device. IPS and Anti-malware use different methods (such as signature-based detection, behavioral analysis, and heuristics) to identify and then block malicious traffic.
Cato offers robust multi-layered protection, unlike other vendors, who must route all traffic via RBI. Other RBI vendors don’t offer other protections, such as IPS, Anti-malware, Next-Gen Anti-malware, CASB, and DLP, and are therefore forced to route all traffic via RBI. Since Cato offers many layers of security, we selectively route by category. Today, traffic for the Uncategorized and Undefined URL categories, and for Custom Categories, is selectively routed via RBI. Other traffic is already secured by other Cato security layers and is less prone to the type of attacks that RBI protects against. Cato provides you complete flexibility, from allowing you to completely block URLs to performing deeper content inspection using CASB or DLP.
A website is categorized as Undefined or Uncategorized when the website is new and wasn't signed by the Cato URL categorization engine.
Remote browser isolation (RBI) fits into an overall threat prevention service by providing an additional layer of protection against web-based and browser-based threats, such as phishing and drive-by downloads from Undefined and Uncategorized categories. When used in conjunction with other Cato security solutions, it can help create a multi-layered security strategy that provides comprehensive protection against a wide range of threats.
Here's an overview of how the RBI process works:
1. The user accesses a website through a local browser on their device.
2. This request is transparently forwarded to the Remote Browser Isolation (RBI) service in the cloud.
3. The remote browser in the RBI service initiates a session with the remote destination.
4. A safe visual stream of pixels is then streamed to the user’s local browser, with full browsing experience, but none of the active website code. The user interacts with the web pages through their device, but their device is not directly interacting with the web pages themselves.
Sarah Lee is browsing the internet and visits a website that is categorized as Undefined by Cato. The Cato admin configured Undefined sites to be delivered by RBI. As she browses the website, an exploit kit is silently downloaded onto the remote browser. The kit scans the remote browser and device for vulnerabilities and, after finding a vulnerability, delivers ransomware by exploiting it.
The website is rendered in the RBI service via the remote browser and remote device, and only pixels are streamed from the RBI service to Sarah Lee’s local browser and device. The ransomware is isolated and contained in the remote browser and device and doesn’t reach Sarah Lee’s device and her network. She continues to safely interact with the website, as all the website code is executed on the isolated remote browser and device.
John Smith, the CFO, opens an email that contains a link to a website that looks legitimate, and he clicks the link. He doesn’t realize it, but he is the target of a spear-phishing attack.
Cato RBI is supported for browsers only.
Cato RBI supports all modern releases of the major desktop browsers (e.g. Chrome, Edge, Firefox, IE, Safari). Mobile browsers are not supported.
Some old browsers may not comply with the minimum set of requirements for RBI to work properly.