
Secure SaaS access using FortiCASB


FortiCASB takes an API-based approach: it obtains data directly from SaaS cloud applications such as Office 365 or Dropbox using REST API queries with OAuth 2.0 authentication. FortiCASB can therefore essentially perform deep inspection of cloud traffic, providing advanced monitoring, analysis, and reporting, and sending notifications when suspicious activity is triggered.

Because FortiCASB communicates with SaaS applications out of band, there is no performance impact on user SaaS application traffic.

FortiCASB provides insights into suspicious activity in past and current cloud user activity, and relies on the network administrator to review and act upon these insights after the activity has already occurred. Mitigation actions include making configuration changes on FortiSASE or the FortiGate NGFW to block future suspicious activity, or denying or restricting access on the SaaS application itself for the specific user generating the suspicious activity.

Access to FortiCASB is included with per-user and per-endpoint FortiSASE licensing.

A typical topology for deploying this example design is as follows:
