As the frequency and complexity of web-based cyber threats increase, businesses are increasingly using Web Isolation technologies to protect their high-risk users – such as senior management or teams that handle private or confidential data.
Web Isolation protects your users from ransomware, phishing, malware, and other web-based cyber threats. It does this by containing the web browser in an isolated environment before relaying web content back to the user.
In an ideal scenario, the end-user shouldn’t be able to tell the difference between native and isolated web browsing. But as you’ll learn in this blog, not all Web Isolation solutions can offer the same security, usability, IT simplicity, and cost-effectiveness.
There are two general schools of thought for Web Isolation – partial and full. But what’s the difference, and what about the technology behind them?
Introducing transcoding and partial Web Isolation
Partial Web Isolation is typically achieved using transcoding technologies such as DOM remodelling and network vector rendering. Transcoding strips the website code down to a smaller subset of information, removes any malicious code or threats, and reconstructs it before sending it back to the user’s device.
Transcoding is often software-based, so no additional hardware or browser plugins are required. However, it doesn’t offer comprehensive protection for your high-risk web users.
That’s because transcoding is inherently a porous solution: it always lets some original web code through to your users. As most transcoding providers don’t offer details on what code goes through and what gets stripped out, it’s impossible to know exactly how secure any transcoding solution is.
And even if you feel a transcoding solutions is suitably secure, users may find it offers poor compatibility with multimedia content like video playback, either limiting or blocking it altogether, resulting in a stripped-back browsing experience. Such limitations can also become a headache for IT, which must contend with poor interoperability and user complaints when sites fail to work properly.
Introducing pixel pushing for full Web Isolation
Full Web Isolation uses pixel pushing to completely separate web code from the user’s device. This means your Web Isolation solution handles all web browsing and feeds the information back as a video stream – much like a virtual desktop solution.
Pixel pushing is achieved through software- or hardware-based video encoding and delivery. While both offer comprehensive protection for users, hardware-accelerated pixel pushing offers a much lower latency experience compared to software-based solutions. And it can be deployed in the cloud or on-premises, offering the best balance between security, usability, and compatibility.
Unlike transcoding, no original web code is exchanged with the user’s device, making it inherently non-porous and secure. And when hosted in the cloud, demand on your IT team is minimised as there’s no need to manage updates or install hardware upfront.
Discover hardware-accelerated Web Isolation
To learn how hardware-accelerated Web Isolation eliminates the need for compromise to deliver the best combination of security, user experience, IT management, and cost in a hardware-accelerated cloud solution – take a look at our guide, Partial vs. full Web Isolation: which is right for your enterprise?