Isolo
ISOLATE · SECURE · BROWSE
Remote Browser Isolation (RBI)
Secure enterprise internet
Isolo is an advanced security platform that isolates the internet from your internal network. The user's browser runs in a fully isolated environment and only its rendered image is delivered to the user's device — no malicious code can reach the internal network. Built with domestic technologies, it guarantees 100% protection against Zero-Day, Phishing, Ransomware and XSS threats.
Technical approach
Isolo is built around these architectural principles:
Each user's browser runs in a fully isolated, single-use environment
Only the rendered browser image is delivered to the user's device (no code execution)
Web content filtering and control at the enterprise proxy layer
Comprehensive web management panel (admin + user portal)
Scalable architecture — add servers without service interruption
Compatible with all standard operating systems and browsers
No software or plugin installation required on the user's device
Fully bilingual UI (FA/EN) with native RTL support
Capabilities
A complete set of security, authentication, session management and monitoring capabilities.
Security capabilities
Complete internet isolation
Browser runs in a fully isolated environment; only its image reaches the user. Protection against Zero-Day and Ransomware.
Sensitive data leak prevention (DLP)
Smart clipboard and data transfer control between the organization and the internet; automatic detection of classified data via extensible patterns.
File sanitization (CDR)
Automatically strips potentially malicious elements from downloaded files (Office docs, PDF, web pages) without relying on malware signatures.
Multi-engine file scanning
Layered scanning with the built-in engine, ability to integrate with your existing AV, automatic quarantine of suspicious files.
Web filtering & control
Encrypted traffic inspection, content-category blocking, allow/block lists, automatic updates.
Session recording & replay
Full video recording of browser sessions, time-indexed playback, filterable by user and group.
Security watermarking
Transparent watermark with username, timestamp and IP — deters unauthorized screenshots.
Geographic restrictions
IP-based geolocation, country allow/block lists, automatic blocking of unauthorized regions.
Bandwidth control
Daily/weekly/monthly traffic caps, speed limits, emergency traffic, real-time consumption tracking.
Tamper-proof audit logs
Cryptographic signing guarantees log integrity; verifiable, aligned with AFTA standards.
Authentication & access control
Active Directory / LDAP
Connect to AD and OpenLDAP, automatic user and group sync, LDAPS.
SAML 2.0 and OpenID Connect
SSO/SLO with your organization's IdP, OAuth 2.0 / OIDC, multiple providers simultaneously.
Multi-factor authentication (MFA)
TOTP, WebAuthn / FIDO2 hardware keys, mandatory enforcement.
Password policy
Minimum length and complexity, password history, automatic expiry, account lockout.
Session management
Session sharing
Shareable links, live chat between participants, invitations from inbox.
Admin-approved downloads
Approval/reject workflow for file downloads, automatic security scan and sanitization before delivery.
Peripheral devices
Webcam, microphone, speaker, hardware security tokens, local printing.
Profiles & bookmarks
Saved settings, history and dedicated bookmarks; admin-configurable homepage.
Management & monitoring
Comprehensive admin panel
Real-time dashboard, role-based access control, session and download management.
Reporting & analytics
Web activity reports, detected threats, AFTA compliance, processable exports.
Branding & customization
Logo, light/dark themes, bilingual FA/EN UI with RTL.
Infrastructure & scalability
Multi-server architecture, automatic load balancing, smart caching, end-to-end encryption, alignment with international security standards.
Innovation & technical differentiation
Single-use isolated architecture
Every user session runs in an independent isolated environment that is fully destroyed when the session ends — reducing the attack surface to zero.
Active content sanitization (CDR)
Unlike traditional AV that relies on malware signatures, CDR proactively removes all potentially malicious elements from files — even unknown threats.
Smart, extensible DLP engine
Data classification and egress control with built-in domestic patterns (Iranian bank card numbers, national IDs...) plus the ability to define custom patterns per organization policy.
Tamper-proof audit logs
Cryptographic signing guarantees the integrity and immutability of audit logs, aligned with AFTA requirements.
Key advantages
Agentless — Works with the user's existing browser
100% protection — No code ever executes on the user's device
Centralized management — Full control from a single panel
Fully localized — Persian UI with native RTL
Low cost — No dedicated hardware required
Scalable — From 10 to 1000+ users
Want to see Isolo in your environment?
Get in touch for a dedicated demo and a conversation with our technical team.
Request demo