Zscaler Web Security is a part of our award-winning Security as a Service platform—it sits inline between your company and the Internet, protecting your enterprise from cyberthreats, stopping intellectual property leaks, and ensuring compliance with corporate content and access policies. It monitors your network and user activity, secures roaming users and mobile devices, and manages all of this globally from a single management console.
Zscaler’s security capabilities provide defense-in-depth, protecting you from a broad range of threats including malicious URL requests, viruses, Advanced Persistent Threats (APTs), zero-day malware, adware, spyware, botnets, cross-site scripting, and much more.
Just point your Internet traffic to Zscaler’s application-aware Cloud Firewall, and protect your users in all locations
With Zscaler, you can add next-generation firewall (NGFW) protection for all users without the need to deploy or maintain hardware or software. Our cloud handles aggregate traffic at over 100 million sessions per second — always inline and always blocking. Native SSL inspection is built in for every byte of traffic, all the time. So you get complete protection for all users, in all locations, across all ports and protocols — with no headaches.
Zscaler Web Security provides unmatched security, visibility, and control. Delivered in the cloud, Zscaler includes all the essential protections you would expect, such as URL filtering and firewall protection, as well as award-winning web security. It’s all integrated with the robust Zscaler cloud security platform that features advanced threat protection, real-time analytics, and forensics. You get protection for all of your users, no matter what devices they are using or where in the world they are connecting
Sandboxing, a behavioral analysis technique that has become popular recently, allows you to detonate suspicious or unknown files in a virtual environment to determine if they are malicious before they get to your users. Sandboxes are typically confined to the data center because they are expensive and difficult to run at scale. And, like any single product, no matter how well a sandbox works, it only reveals a limited number of threats.
Zscaler’s cloud platform inspects all internet traffic from all locations for all users, so you don’t need to deploy sandboxes in dozens (or hundreds) of locations. The processing power of Zscaler Cloud Sandbox lets us inspect all unknown or suspicious files. And because we inspect all SSL traffic, the common ploy of hiding behind encryption fails as well. Malicious files are instantly blocked, quarantined, or flagged, based on policy.
To protect against ransomware, a single solution isn’t enough. You need multilayered security, with various tools working together to block malicious traffic.
Zscaler’s Cloud Security Platform is multilayered security, combining eight different security engines that allow you to quickly discover and block coordinated attacks. The Zscaler platform includes Intrusion Prevention Systems (IPS), antivirus, sandboxing, web filtering, IP reputation scoring, and SSL inspection. Inspecting SSL traffic is critical, because it’s expected to account for 60 percent of all web traffic by the end of 2016 and an increasing amount of malware is being hidden in encrypted traffic.
Virtual Private Networks (VPNs) have been the standard method to provide remote access to private applications and assets since users began moving away from a central office with a direct connection to the data center.
VPNs extend the enterprise network perimeter to “trusted” users, providing them with an “on-net” experience. As the network perimeter has evolved and use of the cloud becomes increasingly prevalent for business and personal applications, however, certain attributes of VPNs have become drawbacks.
An “on-net” user experience brings risk
VPNs were designed to deliver the user access to a network, not to an application. Once on a network, malware can propagate and users may be able to get access to adjacent applications from which they should be restricted. In addition, because VPN concentrators must listen for inbound connection attempts, they create an attack surface which may be exploited.
Virtual private networks are networks
As the enterprise network becomes increasingly mission-critical, it has become increasingly complex. The proliferation of VPNs adds exponentially to this complexity.
In this age of data center consolidation, most enterprises are looking to the cloud to address the need for flexible, elastic application hosting. Unfortunately, getting remote users to these deployments remains anchored firmly to the network by the VPN. Remote user traffic ends up traversing the Internet to get to the data center, in order to get to the cloudbased app via the site-to-site VPN between the data center and the cloud apps. It’s terribly inefficient—like flying from San Francisco to London by way of Buenos Aires—and provides a similarly terrible experience for the user. Despite their drawbacks, however, VPNs in some form have remained the only viable solution for secure remote access for over a decade. Until now.
Zscaler is a leader in securing Internet traffic for enterprises around the globe, with a cloud-based security platform designed to protect enterprise Internet traffic with Secure Web Gateway, Cloud Application Visibility and Control, Cloud Sandboxing, Data Loss Prevention, and more.
Zscaler Private Access builds from the same cloud-based, elastically scalable infrastructure to deliver seamless connectivity to private internal applications and assets. Zscaler Private Access solves the challenges posed by a traditional VPN infrastructure by decoupling your internal assets and applications from the limitations, cost, and complexity of direct IP network connections.
Zscaler Private Access delivers seamless connectivity to private internal applications and assets whether they are in the cloud, the data center, or both. Policy-driven access adjusts dynamically to network changes, enabling enterprise agility while improving user experience.
With Zscaler Private Access, there is no need to provision VPN termination hardware, or to ensure that such a deployment is globally distributed and redundant. Users no longer need to go through a termination appliance in the data center to get to apps in the cloud. In fact, there is no hardware to buy at all, because Zscaler Private Access, like our Cloud Security Platform, functions as a service.