Network policy management and enforcement depends on gathering intelligence and exerting control across a variety of dimensions. In the industry today, the policy management de facto standard spans four dimensions. These include threats, content, applications, and identity. In this blog post we will talk about applications.
Enabling network policy management through application control is not a new concept. Yet the evolution of application variety, complexity, and functionality has brought application control to the forefront of many policy management conversations.
Traditionally, policy enforcement via application control included filtering apps by name, by app category (business/productivity vs. remote proxy, for example), or by app risk score. Then, the number of available apps grew exponentially and the ease of acquisition and integration increased. Public, private, and hybrid cloud considerations intersected with the bring-your-own-device trajectory. Social distancing recommendations in 2020 prompted organization leaders to rethink telecommuting and remote work. Work schedules have become increasingly flexible for knowledge workers and they often use the same devices for personal activities and business work. And so today, efficacious application control requires not only the ability to filter apps by name, category, or risk score, but also by app functionality.
NetSTAR has identified 20 application operations and codified these operations by app and by URL. Examples of these operations include login/authentication, uploading, file transfer, and chatting. And in addition to categorizing an app’s “top URL” (exampleapp.com), we have categorized operation-specific URLs (post.exampleapp.com). This additional layer of app intelligence allows our partner companies to filter by application operation across the network for thousands of web apps, including mobile, SaaS, PaaS, and IaaS.
At NetSTAR, our OEM solutions help our partners effectively manage network policy across three of the four key dimensions. inSITE Threat Intelligence™ delivers real-time threat identification and intelligence for internet-based threats. inCompass® provides award-winning content filtering by URL, domain, and IP address. And WebApp Compass™ enables content filtering by application name, type, reputation, and operation.