April 9, 2019
We all remember the days when cyber security was simple, when firewalls and Anti-Virus provided effective perimeter security controls. But how things have changed.
Cloud and mobility have created a massive shift, disrupting everyone’s network and security infrastructure. In today’s cloud-enabled world, how do you deliver secure transformation to the cloud?
Here, we’ll see how the traditional network has changed, and how security architecture needs to adapt in a cloud-first world – and ultimately, why Zscaler became the market-leader in cloud security.
The era of cloud and mobility
Today, your applications are moving to the cloud – Salesforce, Office 365, AWS and Azure, but most network and security appliances were built for an ‘on-premise’ business… to protect your corporate network.
Legacy IT security methods which focus on protecting the perimeter are inadequate. The security perimeter has moved… to the internet.
When applications & services resided in your ‘on-prem’ data centre, it made sense to backhaul traffic from branch offices over the network. But as the use of internet services increased, security appliance needed to be added in branch offices to allow secure internet access.
So the centre of gravity shifted, with more and more applications moving to the cloud.
Restrictions of legacy infrastructures
Tradition network architectures were not built for a cloud-first, mobile-first world… meaning there are some very obvious restrictions to contend with:
- Users and apps are secured by the network
- So access to internal apps requires network access
- Therefore, all users must be on the network for protection
- And all traffic must be backhauled to maintain protection – for all users
Bypassing traditional security controls
Today’s traffic often goes straight to the cloud, bypassing traditional perimeter security, with mobile and remote workers connecting direct to the internet – with multiple devices. Additionally, today’s complex threats have triggered an explosion of new security appliances, all finding their way into your overworked gateway.
The result?
- Time & complexity – Administrators are in a constant battle to keep up with the required security controls. The complexity and cost of maintaining and managing a dated architecture is out of control.
- Cost & latency – Users demand a fast connection to the cloud. Backhauling traffic adds latency, as well as additional costs.
- Security threats – Internet-based threats are everywhere, posing a constant threat to secure every user, on multiple devices in multiple locations.
Secure network transformation
Secure network transformation is on the agenda of every enterprise. Applications are moving to SaaS and public cloud. Users are no longer confined to the office, but security is still anchored to the data centre.
So what does a secure IT transformation look like?
Today, software-defined policies (not networks) securely connect the right user to the right app, or service. Users connect to the internet via a cloud security platform, ensuring a fast, secure user experience.
- Redefined perimeter security
The internet is the new security perimeter. By moving security to the cloud, all users and locations are protected – regardless of location, or device. Your perimeter and security policy follow the user, wherever they go. - A cloud-ready network platform
Enabling direct-internet connections via a cloud security platform ensures a fast, secure user experience, in addition to reducing the cost/need of additional appliances or to backhaul traffic via HQ. Direct internet connectivity also simplifies network admin. - Cloud security stack
By moving the security stack to the cloud, you can rely on multiple protection technologies, working in unison to stop threats. A cloud service also enables unlimited inspection capacity, so you can easily scale users and services when needed.
This new approach to security transforms the way applications are accessed and security controls are enforced.
- Software-defined policies connect users to apps (not networks)
- Access policies determine which apps are visible
- Security protection is driven by policy, so is tied to the user, regardless of location, or device
- Secure local Internet breakouts enable a fast user experience
3 steps to secure IT transformation
It is not a question of if, but when. Cloud services are the norm, but there are simple, practical steps on the journey of secure cloud transformation.
- Cloud security platform – Firstly, make a cloud security platform the first hop to the Internet – no infrastructure changes required!
- Phase out point products – Reduce costs and management overhead by phasing out legacy appliances.
- Transform – Enable local internet breakouts and deliver a better, more secure user experience.
Zscaler – The world’s largest cloud security platform
There is a good reason why Zscaler has become the market leader in cloud security: Zscaler was built in the cloud, for the cloud, enabling secure network transformation from legacy architectures, to cloud-enabled with local Internet breakouts.
Enabling secure network transformation
Zscaler Internet Access moves the entire security stack to the cloud with integrated security services that correlate data instantly for the highest level of protection.
By making Zscaler the default route to the Internet, all users receive identical protection, regardless of device, or location. Zscaler sits between your users and the Internet, inspecting every byte of traffic, applying multiple security technologies for the highest level of protection – regardless of location.
Zscaler optimises traffic flows by allowing secure, direct connections to the Internet over broadband, while reserving MPLS for data centre traffic.
What sets Zscaler apart?
- Built from the ground up in the cloud, for the cloud, Zscaler elastically scales to your traffic demands.
- With no hardware or software to deploy, you can set up direct internet connections in minutes.
- With 100 data centres globally, every user gets a fast, local connection no matter where they connect from.
- If a threat is detected anywhere, every Zscaler customer is immediately protected, with 120,000 unique security updates performed – each day.
- The Zscaler architecture is the best approach for secure SD-WAN and Office 365 deployments.
What’s in the security stack?
Zscaler Internet Access moves the entire security stack to the cloud with integrated security services that correlate data instantly for the highest level of security protection.
A trusted, independent review of Zscaler
Although Comtact Ltd. has been one of most trusted Zscaler partners for many years, we only selected Zscaler after a comprehensive evaluation of all the available technologies.
To this day, we always provide trusted, independent advice to customers, as well as the most competitive Zscaler pricing.
Related articles:
- DOWNLOAD: Zscaler pricing guide
- Zscaler deployment guide – insider tips for deploying Zscaler
- Solving Office 365 network latency issues
- Can you securely deploy Office 365 of legacy IT architectures?
- 8 ways to maintain your security when working with remote teams
- INFOGRAPHIC: The 8 most common types of cyber attack
About Zscaler
› Secure your cloud transformation
Zscaler was founded in 2008 on a simple but powerful concept: as applications move to the cloud, security needs to move there as well. Today, Zscaler are helping thousands of global organisations transform into cloud-enabled operations.
By moving applications and infrastructure to the cloud and untethering employees from their desks, you can realise tremendous advantages in productivity, agility, and cost containment. With a 100% cloud built secure platform, Zscaler can help you make the move to the cloud, securely.
About Comtact Ltd.
Comtact Ltd. is a specialist Cyber Security and IT Managed Service Provider, supporting clients 24/7 from our ISO27001-accredited UK Security Operations Centre (SOC).
Located at the heart of a high security, controlled-access Tier 3 data centre, Comtact’s state-of-the-art UK Cyber Defence Centre (SOC) targets, hunts & disrupts hacker behaviour, as part of a multi-layered security defence, to help secure some of the UK’s leading organisations.