Hey everyone,
I've been looking into enterprise browsers but honestly, I'm getting lost in all the marketing jargon. Can someone who's actually used these browsers explain how to set up access control for SaaS services? Specifically, I need to enforce that our staff can only access Salesforce and similar apps through the enterprise browser. I've heard a lot about things like Okta certificates and Cloudflare Access, but I keep hitting dead ends in terms of security effectiveness. I really want to avoid simple header-based checks since there are too many extensions that can spoof these headers. Any tips would really help!
2 Answers
I don't see much need for enterprise browsers since they only secure web browsing. We already have CrowdStrike and Zscaler in place to filter incoming and outgoing traffic at the network adapter level, so it's kind of redundant for us. Trying to get clarity from companies like Island about their products can be frustrating, as it seems like they just repackaged ZIA and ZPA agents with a few tweaks, and the cost is steep. If you're worried about endpoint management, I'd be cautious—going with an enterprise browser might actually weaken your security by relying on the vendor.
I'm currently testing a setup using Edge combined with Secure Global Access and specific access policies to enforce security when accessing SaaS platforms. It's still in the early stages, so I’m figuring out the best way to implement it effectively. Let's see how it goes!
That sounds interesting! What exactly do you mean by Edge + Secure Global Access? How does the access policy get enforced—through browser headers, device posture, or something else? I’m curious about how the system actually enforces those policies.
I see your point, but my team often works remotely, so we need something that securely contains SaaS applications. I understand the ZIA/ZPA setup, but I'm struggling to get clear information—it's all wrapped up in marketing stuff!