Written by: Jen Toscano of Zscaler
For the large enterprise, predicting traffic volume has been necessary for planning and purchasing legacy technologies and solutions. CIOs and CISOs have had to try to accurately see into the future, because underestimating growth can hinder an organization’s ability to fulfill its business mission, while overestimating can result in unnecessarily high costs.
Capacity planning calculations encompass many issues: number of users, devices, platforms, operating systems, locations, and applications, as well as bandwidth consumption, edge and WAN infrastructure, traffic patterns across global time zones, and more.
For example, suppose you’re planning to roll out Microsoft Office 365 to all branches. If you are building and operating the service using hardware appliances or VMs, how does your architecture compensate for packet drops, latency, and its limitations in visibility and traffic policy management? Office 365 is a resource-intensive suite of applications that often results in 12 to 20 persistent connections per user and an average network utilization boost of 40 percent. Your calculations must address associated network requirements, such as port exhaustion for NAT, or users will be mired in sluggish performance.
And that’s just for near-term cloud operations. Zscaler customers experience an average of 300 percent growth in cloud-bound traffic every year! Does your capacity plan account for this growth across hundreds or thousands of remote branches? In three years and beyond?
Predictions like these are not just about routine operations. Doing the cloud-on-your-own approach also forces you to guess right for accommodating sudden, unplanned spikes in bandwidth that cause slowdowns, frustrating users and customers alike.
Elastic scalability provided by Zscaler resolves these issues. Our approach relieves you of the need to accurately predict the future and assures you by service-level agreement (SLA) that you will always have the bandwidth your branches need for optimum, seamless cloud connectivity and security. As you add new features and functionality, Zscaler scales right along with you, keeping your SLAs intact.
The ability to elastically scale bandwidth and security for your branches is particularly handy when adding new services. It allows you to do so with no performance degradation, even if you’re including processing-intensive services such as deep-packet inspection of 100 percent of your SSL/TLS-encrypted traffic or the use of a cloud sandbox. Before you could do any of this with an appliance-based approach, you’d have to deploy dedicated boxes at every site, with onerous implementation and limited performance and policy enforcement.
Security services in virtual appliances do not solve these issues; even virtual machines have performance bottlenecks and need refreshing every few years.
Speed is a key feature of the Zscaler cloud architecture, made possible through Single Scan, Multi Action technology, which means that multiple security engines scan traffic simultaneously. With legacy security appliances, respective operations must be chained in sequence, an undeniable cause of latency.
As you prepare your enterprise for branch transformation, please remember that a cloud-first initiative is supposed to solve legacy problems of security and performance. Cloud is supposed to