How AppNeta Complements CASBs for Network Monitoring

In today's cloud-centric IT landscape, cloud access security brokers (CASBs) have become pivotal in managing and securing cloud applications. CASBs act as gatekeepers, enabling enterprises to extend their security policies beyond their own infrastructure and into the cloud.

CASBs work by performing various kinds of network monitoring—they track user activities, data movement, and application usage within cloud environments. With these capabilities, teams can ensure that cloud access and data management are aligned with their organization’s security policies and compliance requirements.

While useful, CASBs can’t show you everything. They are not able to provide visibility into your network health or performance.

This article explains what CASBs are, what kinds of network monitoring they are designed for, and what their limitations are. It then explains how AppNeta by Broadcom can complement CASBs, addressing the visibility gaps left by these tools. We’ll explore how AppNeta can help you better understand your network health, the experience of your web application users, and how your network resources are being used.

What are CASBs?

A CASB is a security policy enforcement point that sits between cloud service users and cloud service providers. Delivered via software or hardware, CASBs help ensure that network traffic conforms to an organization's security policies.

You can integrate CASBs into enterprise network architectures to gain visibility into how your organization’s users interact with cloud applications. With this visibility, you can identify security threats and enforce security policies. CASBs bridge the gap between enterprise IT infrastructure and cloud services, offering a centralized platform for managing cloud access and data security.

What are the functions of a CASB?

CASBs serve multiple functions:

• Data security. CASBs protect against data breaches by controlling the access and sharing of sensitive information.
• Compliance. CASBs help ensure compliance with external regulations and internal policies by monitoring and controlling the flow of sensitive data in and out of cloud applications.
• Threat protection. CASBs offer threat protection by identifying and managing access from potentially compromised accounts or malicious insiders.
• Identity and access management. CASBs can integrate with existing identity management solutions to enforce access policies, including authentication and authorization controls.
• Visibility. CASBs provide visibility into cloud application usage, helping operations teams understand what cloud services are being used and how.

CASBs help bridge the gap between the fast-paced, flexible nature of cloud computing and the need for robust security and compliance frameworks within organizations. These tools are particularly useful in hybrid and multi-cloud environments, where it can be challenging to consistently enforce security policies across diverse cloud services.

What can CASBs monitor?

One of the primary functions of CASBs is monitoring your network. They can offer visibility in the following ways:

• User activity monitoring. CASBs track user activities within cloud services. This includes who is accessing what services, when, and from where. Monitoring user activities helps in detecting unusual patterns that could indicate a security threat, such as unauthorized access.
• Data movement tracking. CASBs monitor the data that moves into and out of cloud applications. This involves keeping track of files and data being uploaded, downloaded, or shared, especially sensitive or regulated data. In this way, CASBs can prevent data leakage and ensure compliance with data protection regulations.
• Cloud service discovery. CASBs can identify all the cloud services being used within an organization, including unsanctioned (shadow IT) and sanctioned apps. This helps in understanding the full scope of cloud adoption and assessing the risks associated with various services.
• Device identification. CASBs can identify the types of devices used to access cloud services, whether they are corporate-owned or personal devices. This enables teams to enforce device-based access policies and identify potentially risky devices.
• Application usage analysis. CASBs provide analytics on application usage, such as the frequency of use, the volume of data exchanged, and the functionality being used. This information can help managers optimize cloud services and licenses.

What can’t CASBs monitor?

CASBs primarily focus on security, offering valuable insights into user behavior and potential security threats in cloud applications. However, while these tools excel at detecting security threats and anomalous behavior, they are not equipped to monitor the health and performance of the network or the user experiences delivered by an application.

For example, they can’t answer the following questions:

• Is there latency on the network?
• Where on the network path is a problem occurring?
• What routes are down and when did they go down?
• How much capacity am I being provided by my ISP?
• Are there particular applications that are running slowly?
• Are users encountering problems in connecting to an application?
• Is poor application performance being caused by an application issue, a network issue, or a browser issue?
• Which applications are consuming the most bandwidth?
• Which users are consuming the most bandwidth?

To answer these questions, you need a tool with different network monitoring capabilities.

How AppNeta complements CASBs

Network monitoring tools like AppNeta can address the visibility gaps outlined above. AppNeta can complement CASBs by providing insights into network performance and user experience—capabilities that are crucial for operating cloud services effectively.

Specifically, AppNeta provides three types of network monitoring that can be a useful complement to CASB services:

• Delivery monitoring: Understand the health of your network and determine where network problems are occurring.
• Experience monitoring: Gain visibility into how users at a given location are experiencing applications.
• Usage monitoring: Determine how bandwidth at a given location is being devoted to particular applications, hosts, and users.

Delivery monitoring to understand network health

AppNeta’s delivery monitoring capabilities are enabled by a set of tools that help administrators visualize network performance and determine where problems are occurring. The solution uses lightweight continuous path analysis (CPA) to determine if there are network problems and, if there are, it initiates diagnostic tests to help pinpoint the cause.

CPA involves periodically sending out small bursts of packets to user-determined targets and then collecting timing data about the packets after they traverse the network. CPA provides insight into network health and into the paths traffic takes through the network. CPA gives your organization the ability to monitor network performance and routing, including connections to a CASB service, web app, and the internet. With these capabilities, you can also determine whether a web app performance issue is caused by the network and, if so, where in the network the problem is occurring.

Experience monitoring to understand web app experience

AppNeta’s experience monitoring capability enables you to visualize how users at a given location are actually experiencing a web app. It allows you to access a web application via browser or via direct HTTP requests.

In a browser workflow, you create a script to periodically simulate user interactions with an application. AppNeta then measures how long the application takes to respond, detailing the amount of time taken by the browser, the network, and the server running the application.

Through HTTP, AppNeta periodically makes requests to a web app's API to simulate machine-to-machine interactions with an application. The solution then measures how long the application takes to respond and tests for an expected response.

Experience monitoring helps you:

• Identify specific applications that are running slowly.
• Pinpoint locations where users are experiencing slow applications.
• Specify parts of an application that are slow or unresponsive.
• Determine whether poor application  performance is a result of an application issue, a network issue, or a browser issue.

Usage monitoring to understand resource consumption

AppNeta’s usage monitoring capability enables you to see how bandwidth at a given location is being devoted to particular applications, hosts, and users. The solution monitors the traffic on a link to determine which applications are being used and who is using them.

The usage monitoring capability provides some overlap with the monitoring offered by CASB services. Both AppNeta’s usage monitoring and CASB monitoring can tell you:

• The applications being used in an organization.
• Which applications a user is accessing.

However, AppNeta’s usage monitoring capability also provides monitoring that CASBs may not. For example, AppNeta enables you to determine which applications and users are consuming the most bandwidth.

AppNeta provides additional enterprise network visibility

AppNeta and CASB services both perform network monitoring functions, but each provides different information. 
CASBs perform monitoring that focuses on cloud application usage, security, and compliance. These tools track user activities, data movement, and application interactions in cloud environments, providing visibility into how cloud services are accessed and used. Their primary function is to identify network threats and maximize security.

In contrast, AppNeta specializes in network performance monitoring. The solution analyzes network bandwidth, latency, and overall quality, offering you the visibility needed to ensure optimal performance and user experience across your organization's network infrastructure. AppNeta’s primary function is to help you assess and optimize the health and efficiency of the physical and virtual network connections that are essential for seamless connectivity and application delivery.

While both CASBs and AppNeta monitor application usage by individual users, AppNeta does it from the angle of optimizing network performance, whereas a CASB does it from the angle of security. The following diagram shows what network monitoring purposes AppNeta and CASBs have in common, and how they differ.

Conclusion

Part of the wider NetOps by Broadcom solution, AppNeta provides teams with the complete visibility they need to track network performance from end to end, no matter which networks user connections rely upon.

Use AppNeta together with your CASB provider to get wider visibility into what’s happening in your networks. Follow these links to learn more about AppNeta’s features or request a demo. If you already have AppNeta, read our guide for setting up network monitoring in a CASB environment.