IT Brief Asia - Technology news for CIOs & IT decision-makers
Asia
Endpoint security zero trust laptop phone to cloud no proxy flow
#
Firewalls
#
Data Protection
#
Hyperscale

Island unveils SASE to cut proxy backhaul for AI era

Thu, 19th Mar 2026
Author image
By Sofiah Nichole Salivio, News Editor

Island has launched a new secure access service edge (SASE) architecture that moves more security checks closer to the user and reduces reliance on cloud-proxy backhaul.

Island is positioning the launch as a response to changing access patterns as employees and software agents increasingly use software-as-a-service tools, web applications, and AI services. It argues that this shift exposes limits in SASE designs that route traffic through distant inspection points.

The architecture is designed to let up to 90% of sessions connect directly without backhaul and can be deployed in as little as five minutes on managed and unmanaged devices, according to Island. It also avoids SSL/TLS break-and-inspect for browser traffic, which the company says reduces latency and limits the impact of outages.

Proxy model

SASE is commonly used to combine network security functions-such as secure web gateways and zero-trust access-with wide area networking. Many implementations rely on proxy-based inspection in the cloud, often decrypting and re-encrypting sessions before applying policy controls.

Island calls that model a source of performance issues and operational complexity, and argues that network-level inspection struggles to capture user activity inside a browser session. It says the gap is growing as employees use AI tools and as organisations begin deploying AI agents that call other tools and services on behalf of users.

Island's architecture is built around what it calls the "Perfect Packet" approach: analysing and securing traffic at what it considers the most appropriate point, either on the device or in the cloud. This differs from designs that default to backhauling traffic through a proxy service for policy enforcement.

Enforcement points

Under Island's approach, policy evaluation can occur at the user experience layer on the workstation. It also uses cloud points of presence for inspection or routing when needed, running across Google Cloud Platform, Microsoft Azure, and Amazon Web Services networks.

Island's enterprise platform includes an enterprise browser, an extension, and a desktop component. It evaluates identity, device posture, geolocation, application context, and user activity at the moment of interaction. Most traffic takes a direct path and only enters Island's network when inspection or routing adds value, the company says.

The architecture uses two separate network stacks for resilience and failover, according to Island.

Unmanaged devices

Island is also targeting a long-running challenge for security teams. Contractors, partners, and bring-your-own-device users often rely on unmanaged endpoints where organisations cannot install security agents or certificates. Traditional SASE rollouts can struggle in these cases, particularly when traffic inspection depends on device certificates and agent software.

Island says its approach supports both managed and unmanaged devices. It also says avoiding default SSL/TLS break-and-inspect for browser traffic reduces broken sessions and certificate errors, improving the end-user experience as well as security operations.

AI governance

Much of the product messaging centres on AI usage and AI agent workflows. Island argues that network enforcement focuses on connections in transit rather than user intent, while prompts, uploads, tool calls, and AI-generated output occur where users interact with services-not in a network hop.

It says it governs AI "at the point of intent" using user, device, and session context, and can record an audit trail for AI sessions, including data types sent, target applications, and user identity. This applies across human and agentic workflows, according to Island.

Dan Amiga, CTO and co-founder at Island, said the market needs a different approach as AI usage grows.

"If your SASE can't see what's happening inside an AI session, you're not governing AI. You're guessing," said Dan Amiga, CTO and Co-founder, Island. "We built the Perfect Packet network because the old model of backhauling everything through a proxy adds blind spots and cost. When you protect data before it moves and evaluate policy in real time, security runs at the speed of work."

Stack components

Island says it delivers a full SASE stack through a single control plane, including private access for zero-trust access to private applications, a secure web gateway, remote browser isolation for high-risk destinations, and data protection controls in the browser and at the endpoint.

The stack also includes a cloud access security broker that uses native APIs for visibility into SaaS environments, including monitoring files, permissions, and configurations without rerouting traffic. It also includes digital experience monitoring for application performance and device health, according to the company.

Island says the architecture is already deployed with Fortune 500 customers and is now being made available more broadly.

Related stories
Protegrity launches AI Team Edition for secure inferencing
OpenAI launches Trusted Access for Cyber with major names
Anthropic launches Claude Opus 4.7 with stronger coding
Testlio launches AI chatbot testing service amid scrutiny
Dropbox launches three apps inside ChatGPT for work

Top stories

TestRail launches AI test script generation in beta
FIRST conference highlights AI & CVE disclosure push
OpenAI expands Codex with desktop & workflow tools
OpenAI launches GPT-Rosalind for life sciences research
Mirantis integrates NVIDIA Run:ai to speed AI deployment