Home / Blog / General / Zscaler introduction to secure cloud transformation

April 9, 2019

We all remember the days when cyber security was simple, when firewalls and Anti-Virus provided effective perimeter security controls. But how things have changed.

Cloud and mobility have created a massive shift, disrupting everyone’s network and security infrastructure. In today’s cloud-enabled world, how do you deliver secure transformation to the cloud?

Here, we’ll see how the traditional network has changed, and how security architecture needs to adapt in a cloud-first world – and ultimately, why Zscaler became the market-leader in cloud security.

Zscaler introduction to secure cloud transformation

The era of cloud and mobility

Today, your applications are moving to the cloud – Salesforce, Office 365, AWS and Azure, but most network and security appliances were built for an ‘on-premise’ business… to protect your corporate network.

Legacy IT security methods which focus on protecting the perimeter are inadequate. The security perimeter has moved… to the internet.

When applications & services resided in your ‘on-prem’ data centre, it made sense to backhaul traffic from branch offices over the network. But as the use of internet services increased, security appliance needed to be added in branch offices to allow secure internet access.

So the centre of gravity shifted, with more and more applications moving to the cloud.

Hub and spoke network

Restrictions of legacy infrastructures

Tradition network architectures were not built for a cloud-first, mobile-first world… meaning there are some very obvious restrictions to contend with:

  • Users and apps are secured by the network
  • So access to internal apps requires network access
  • Therefore, all users must be on the network for protection
  • And all traffic must be backhauled to maintain protection – for all users

Bypassing traditional security controls

Today’s traffic often goes straight to the cloud, bypassing traditional perimeter security, with mobile and remote workers connecting direct to the internet – with multiple devices. Additionally, today’s complex threats have triggered an explosion of new security appliances, all finding their way into your overworked gateway.

The result?

  • Time & complexity – Administrators are in a constant battle to keep up with the required security controls. The complexity and cost of maintaining and managing a dated architecture is out of control.
  • Cost & latency – Users demand a fast connection to the cloud. Backhauling traffic adds latency, as well as additional costs.
  • Security threats – Internet-based threats are everywhere, posing a constant threat to secure every user, on multiple devices in multiple locations.

Secure network transformation

Secure network transformation is on the agenda of every enterprise. Applications are moving to SaaS and public cloud. Users are no longer confined to the office, but security is still anchored to the data centre.

So what does a secure IT transformation look like?

Today, software-defined policies (not networks) securely connect the right user to the right app, or service. Users connect to the internet via a cloud security platform, ensuring a fast, secure user experience.

  • Redefined perimeter security
    The internet is the new security perimeter. By moving security to the cloud, all users and locations are protected – regardless of location, or device. Your perimeter and security policy follow the user, wherever they go.
  • A cloud-ready network platform
    Enabling direct-internet connections via a cloud security platform ensures a fast, secure user experience, in addition to reducing the cost/need of additional appliances or to backhaul traffic via HQ. Direct internet connectivity also simplifies network admin.
  • Cloud security stack
    By moving the security stack to the cloud, you can rely on multiple protection technologies, working in unison to stop threats. A cloud service also enables unlimited inspection capacity, so you can easily scale users and services when needed.

This new approach to security transforms the way applications are accessed and security controls are enforced.

  • Software-defined policies connect users to apps (not networks)
  • Access policies determine which apps are visible
  • Security protection is driven by policy, so is tied to the user, regardless of location, or device
  • Secure local Internet breakouts enable a fast user experience

3 steps to secure IT transformation

It is not a question of if, but when. Cloud services are the norm, but there are simple, practical steps on the journey of secure cloud transformation.

  1. Cloud security platform – Firstly, make a cloud security platform the first hop to the Internet – no infrastructure changes required!
  2. Phase out point products – Reduce costs and management overhead by phasing out legacy appliances.
  3. Transform – Enable local internet breakouts and deliver a better, more secure user experience.

Zscaler – The world’s largest cloud security platform

There is a good reason why Zscaler has become the market leader in cloud security: Zscaler was built in the cloud, for the cloud, enabling secure network transformation from legacy architectures, to cloud-enabled with local Internet breakouts.

Enabling secure network transformation

Zscaler Internet Access moves the entire security stack to the cloud with integrated security services that correlate data instantly for the highest level of protection.

By making Zscaler the default route to the Internet, all users receive identical protection, regardless of device, or location. Zscaler sits between your users and the Internet, inspecting every byte of traffic, applying multiple security technologies for the highest level of protection – regardless of location.

Zscaler could security

Zscaler optimises traffic flows by allowing secure, direct connections to the Internet over broadband, while reserving MPLS for data centre traffic.

What sets Zscaler apart?

  • Built from the ground up in the cloud, for the cloud, Zscaler elastically scales to your traffic demands.
  • With no hardware or software to deploy, you can set up direct internet connections in minutes.
  • With 100 data centres globally, every user gets a fast, local connection no matter where they connect from.
  • If a threat is detected anywhere, every Zscaler customer is immediately protected, with 120,000 unique security updates performed – each day.
  • The Zscaler architecture is the best approach for secure SD-WAN and Office 365 deployments.

What’s in the security stack?

Zscaler Internet Access moves the entire security stack to the cloud with integrated security services that correlate data instantly for the highest level of security protection.

Zscaler security stack

A trusted, independent review of Zscaler

Although Comtact Ltd. has been one of most trusted Zscaler partners for many years, we only selected Zscaler after a comprehensive evaluation of all the available technologies.

To this day, we always provide trusted, independent advice to customers, as well as the most competitive Zscaler pricing.

Related articles:

About ZscalerZscaler logo

› Secure your cloud transformation

Zscaler was founded in 2008 on a simple but powerful concept: as applications move to the cloud, security needs to move there as well. Today, Zscaler are helping thousands of global organisations transform into cloud-enabled operations.

By moving applications and infrastructure to the cloud and untethering employees from their desks, you can realise tremendous advantages in productivity, agility, and cost containment. With a 100% cloud built secure platform, Zscaler can help you make the move to the cloud, securely.

Comtact's UK Security Operation Centre (SOC)

About Comtact Ltd.

Comtact Ltd. is a specialist Cyber Security and IT Managed Service Provider, supporting clients 24/7 from our ISO27001-accredited UK Security Operations Centre (SOC).

Located at the heart of a high security, controlled-access Tier 3 data centre, Comtact’s state-of-the-art UK Cyber Defence Centre (SOC) targets, hunts & disrupts hacker behaviour, as part of a multi-layered security defence, to help secure some of the UK’s leading organisations.