What is Remote Browser Isolation?

Remote Browser Isolation, also known by the acronym RBI, is a browser in the cloud for Prisma SASE users. RBI works by moving the interaction with the web server to a safe environment for testing and analysis and then displaying the safe results to the end user. RBI is useful when there is a higher-than-usual risk of malware or if the user's role in the company puts them at a higher risk of being targeted by threat actors, among other reasons.

How does RBI work?

Loading a website involves several steps that most users are not aware of. Some of those steps include looking up the website's internet (IP) address, connecting to the web server, and starting a secure session.  Once those first steps are completed, the web server pulls content for the requested site from several sources to present to the user.  Threat actors could compromise any of those components to secretly inject malware into the session without anyone knowing, or the entire site could be a spoofed version of a legitimate site. This is where RBI can save the day because instead of using the browser on your computer to do all this work, RBI opens the website in the cloud, pulls that content, and analyzes it for malware or anything else that could compromise your network. If the website is safe, the RBI displays the result for the end-user, and they will most likely never know anything unusual happened. 

How can we use RBI?

RBI is a licensed add-on for Prisma SASE for users connecting remotely via GlobalProtect or at a branch site behind a Remote Network. Either way, the protection and configuration are the same, eliminating complexity for administrators and preventing potential security gaps. RBI can also prevent data loss by enforcing controls on actions such as screen captures, copy/paste, and more.  All controls are managed in web filtering profiles, ensuring a secure posture and seamless experience for users or contractors. 

How is this different than a traditional approach?

Traditionally, web browsing from corporate computers has always been a balancing act between enabling a productive workforce while protecting sensitive data or preventing a breach and a more extensive exposure, among other risks. Palo Alto Networks uses several layers of protection when not using the RBI service for internet access. Palo Alto Networks leverages DNS security, Advanced URL Filtering, TLS decryption, Advanced Wildfire, and other security services to prevent as many threats as possible.  As advanced as these and other services are, there are always vulnerabilities that a sophisticated adversary can still exploit. So many components are involved in the process, making it difficult to protect it all. RBI moves that threat to a safe environment so your network is never exposed. After passing all security checks, the session results are displayed to the end user, offering a secure browsing experience.

How do I learn more about Remote Browser Isolation?

To learn more about how RBI and Prisma SASE can help you secure your network and workforce, please contact your WWT account team. More information is available on our website and in this datasheet, which is linked below.

RBI datasheet from Palo Alto Networks

Technologies