Anyone can isolate their browsing activity using virtualization, but the real trick to remote browser isolation is to do it at a vast scale for millions of simultaneous users and make it cost-effective by bringing the price down to single-digit dollars per user.
People sometimes ask me how WEBGAP is different from our competitors, and I tell them that we are trying to solve the big problems in browser isolation, whereas our competitors mostly avoid tackling the big problems ahead. The problem with the browser isolation space is that, on the surface, everyone has already solved the problem and most solutions look pretty much the same from a user perspective.
It is fair to say that everyone in the space has solved the 'obvious problem', the problem of isolating your browser and the associated cyber risks away from your infrastructure. However, most of our competitors then go on to ignore the bigger problems and begin signing up new users without much thought to the future.
It's only when they get past the one million user mark do they start noticing these bigger problems. Because my team has been isolating browsers for longer than most, we see further than most, and have already made most of the mistakes our competitors are now making. When we built WEBGAP, we built it with these big problems in mind, taking a long-term view of the market and its potential size.
The big problems in browser isolation are cost and scale. A browser isolation technology has to solve these problems and be able to accommodate millions of simultaneous users in a cost-effective way in order to meet the market requirements.
The first big problem in browser isolation is scale. Our potential user base is not 5k users or even 10k users, it’s the 120 million users located in the US workplace. Any browser solution has to be able to scale to accommodate at least one million simultaneous users in order to be viable. A fit-for-purpose browser isolation solution has to be able to easily scale to accommodate massive amounts of users without giving your infrastructure team a brain hemorrhage or filling your data center with tens of thousands of servers.
We solved this problem by moving away from having a storage area network (SAN) centralized infrastructure. Unlike our competitors who are built on top of SAN centralized infrastructures, we leverage a distributed network and infrastructure model. WEBGAP scales out, rather than scales up. To add more capacity, you simply cluster more server resources and the resources are distributed across the network. This makes WEBGAP massively scalable with no single point of failure and enables high availability across our network at scale.
The second big problem in browser isolation is cost. Organizations can adopt any number of browser isolation solutions, but the problem with most of them is that they can get incredibly expensive at any sort of scale, typically costing anything up to $50 per user, per month. This makes these solutions prohibitively expensive for anyone without a significant cybersecurity budget. Most organizations do not have significant budgets, making browser isolation mostly for the few rather than the many.
We solved this problem by moving away from virtualization platforms we had built in the past and towards containerization. Virtualization is not fit for its purpose as a browser isolation solution. Virtualization is simply not the right vehicle for handling the browser compute load at scale, and virtualization-based platforms costly and inefficient compared to containerized platforms. By adopting a completely containerized architecture, we massively reduced our resource overhead and we need approximately 10x less server resource than our virtualization-based competitors, translating into huge cost savings over the long term.
There is one final unspoken problem in browser isolation; isolation is not enough.
This is actually a 'hidden' problem and not many browser isolation vendors talk about it, but their dirty little secret is that isolation alone is not enough. This is why WEBGAP does not just physically isolate the browser and call it a day, we go a step further to remove potentially malicious code from pages and deliver a purer internet to our users.
WEBGAP requests web pages on behalf of the user, fetches them, and then destroys them, before rebuilding them tag-by-tag, element-by-element, stripping out any 'malicious' code (any code the web page does not need to be a fully functional web page), and rebuilding them in real-time for display to the end-user.
Unlike competitive solutions that display the real (albeit isolated) webpages and their code to end-users, WEBGAP displays web pages that have been 'sanitized' beforehand and contain just 18 lines of pure HTML and CSS, rather than the hundreds of lines of code that you would normally find in the original web page. This web page pre-rendering is really what sets WEBGAP apart from its competitors and is what makes WEBGAP a much safer way to use the internet than a basic browser isolation technology.
Where our competitors in the remote browser isolation space leverage SAN centralized, virtualization-based platforms (what we consider to be a legacy approach), WEBGAP is solving the biggest problems in our space, cost and scale, by building a remote browser isolation platform for the many rather than the few.
We will soon be releasing our browser isolation technology as a standalone piece of software for you to download and install on your own servers. In the meantime, if you are looking for a cost-effective remote browser service check out our remote browser platform. We have been delivering remote browsers longer than most, and we built the world's first browser isolation platform for the US federal government. If it works for them, it’ll work for you too.
Get in touch for a conversation with us about browser isolation, we love questions!