9May2019 Avantec Internet Access Webinar€¦ · Office 365 Faster User Experience Secure SD-WAN...

1

Zscaler Internet Access Webinar 9. Mai 2019

Zscaler Internet Access Webinar

Securing your Cloud Transformation

Steffen Probst9 May 2019

2 Securing your cloud transformation

Zscaler: Securely transform IT for a cloud world

RELIABLE.FAST. SECURE.

Business policies connect users to apps from anywhere, over any network

100+ data centers across 6 continents

60B+ transactionsprocessed daily

300 of the Forbes Global 2000

Nasdaq: ZS

Market Leader

GlobalPresence

Proven Scale

2



Leading experts agree

1 Gartner Zero Trust Is an Initial Step on the Roadmap to CARTA, Nov. 2018

Zscaler named a LEADERin the Gartner SWG MQ

“Legacy perimeter security simply won’t work and won’t scale for the requirements of digital business and digital government.”1

We do a lot more than SWG(SWG is only 10% of use cases)

8Years in a Row!


How customers use Zscaler

Reduce Business Risk

Mobile Protection

Zero-Day Protection (SSL/Sandbox)

Proxy Replacement

Data Protection (DLP-EDM)

Multi-Cloud Access

Secure Partner Access

VPN Replacement

Zero Trust / Segmentation

M&A / Divestiture

Private App Access

Office 365

Faster User Experience

Secure SD-WAN

Local Internet Breakouts

3



A proven and trusted partner of global brands Zscaler = Zenith of Scalability

UsersProtected

1.3M

400K

200K

120k

Office 365Monthly traffic

83 TB

60 TB

44 TB

35 TB

CONGLOMERATES

2OF THE

TOP 3OIL & GAS OPERATIONS

4OF THE

TOP 8BEVERAGES

5OF THE

TOP 7APPAREL & ACCESSORIES

3OF THE

TOP 4FOOD RETAIL

6OF THE

TOP 12

ProtectionAcross countries

185

150

113

70

LocationsProtected

11,000

1,200

30,000

1,500

All traffic - All users - All locations


Cloud and mobility: enablers, but disrupt networking and security

Old World New World

It started with cloud app adoption…

And that drives Network Transformation…

Which disrupts network security

DC Cloud + DC

+

?Network Security

Hub-and-Spoke to DC Direct-to-Cloud

4



Legacy Datacenter Legacy Network

The data center was the center of gravity

Remote Access (VPN)

DC Hub

BranchRegional office

Trusted network

INTERNET

Internal networks were built and optimized to connect users to apps in the datacenter

VPN to connects mobile workforce (50%)

MPLS connects 100’s of offices worldwide

3 – 6 DCs with a few internet gateways


FW / IPS

URL Filter

Antivirus

DLP

SSL

Sandbox

Global LB

DDoS

Ext. FW/IPS

RAS (VPN)

Internal FW

Internal LB

Outbound Gateway

Inbound Gateway

Mobile

DNS

Trusted Network

Legacy castle and moat network security

You controlled: network, apps/data, users

Perimeter (moat) of appliances to protect the network

Network security = secure the network to protect users and apps

And serve as gateways (drawbridges) to go in and out

5



Cloud breaks legacy networks and security

NotPetya

The cloud is the new data center

Backhaul TrafficBranch: MPLS / Mobile: VPN Poor user experience

Natural path Direct-to-Cloud

MPLS backhaul costs

Security riskBut, security is still

sitting in the DC


Can you do network security in the world of cloud?

How do you secure a network you don’t control?

Trusted Network

Untrusted Network (Internet)

A new approach to security is needed

AgnosticCloud

NetworkDevice

How do you protect your users and apps?

Can’t build a ’moat’ around it with firewalls and proxies

6



ZIA: Fast, secure, and reliable access to the internet and SaaSThe best approach for Secure SD-WAN and Office 365

Access control

Cloud firewallURL filtering

Bandwidth controlDNS resolution

Threat prevention

Proxy (Native SSL)Advanced threat protection

Cloud sandboxDNS security

Data protection

CASBFile type controls

Data loss protectionExact data match

Platform Services

Logs only written in memory andforwarded to a logging cluster in

a geography of your choice

Block the bad, protect the good

3rd Party Auth

Security and Policy Enforcement

MPLS WAN

Broadband4G/5G Satellite

Mobile Internet Only and Hybrid Branches

HQ

DCZscaler App SD-WAN (GRE/IPsec tunnels)

New York London Sydney

Unprecedented Visibility

Log streaming to your SIEM / SOC

©2019 Zscaler, Inc. All rights reserved. ZSCALER CONFIDENTIAL INFORMATION 12 Securing your cloud transformation

London

Hong Kong

OUTBOUND INBOUND

DLP

URL Filter

Antivirus

SSL

Sandbox

DNS

Out. NGFW

LB

New York

GSLB

DDoS

VPN

Ext. NGFW

LB

In. NGFW

In. LB

ZIA eliminates outbound gateways

SWG (Protect Users) VPN Server Protection

ZPA eliminates VPN gateways

WAF / VDI

Ext. NGFW

LB

In. NGFW

In. LB

GSLB

DDoS

Apps/ServersUsers

What we eliminateDC / Regional Hubs

London

Hong Kong

What we eliminate

OUTBOUND INBOUND

DLP

URL Filter

Antivirus

SSL

Sandbox

DNS

Out. NGFW

LB

GSLB

DDoS

VPN

Ext. NGFW

LB

In. NGFW

In. LB

ZIA eliminates outbound gateways

New York

SWG (Protect Users) VPN Server Protection

ZPA eliminates VPN gateways

WAF / VDI

Ext. NGFW

LB

In. NGFW

In. LB

GSLB

DDoS

Apps/ServersUsers

DC / Regional Hubs Secure local Internet breakouts for every office and every mobile user

What we enable

Global Network

Remote Access (VPN)

BranchRegional office

CLOUD / INTERNET

Avoided deploying firewalls in 300+ branches

7



A three-step journey to secure IT transformation

100,000 Users / 85 Countries 80,000 Users / 48 Countries

SECUREUp-level security

Make Zscaler the next hop to the internet – no infrastructure change

Cloud

SIMPLIFYRemove multiple point products

Phase out gateway appliancesReduce cost and complexity

Cloud

Enable local Internet breakouts (SD-WAN)Better user experience / Network savings

TRANSFORMDirect-to-Cloud Architecture

Cloud


How customers use Zscaler

Reduce Business Risk

Mobile Protection

Zero-Day Protection (SSL/Sandbox)

Proxy Replacement

Data Protection (DLP-EDM)

Multi-Cloud Access

Secure Partner Access

VPN Replacement

Zero Trust / Segmentation

M&A / Divestiture

Private App Access

Office 365

Faster User Experience

Secure SD-WAN

Local Internet Breakouts

8


Securing your cloud transformation

Thank You

NEXT STEPSTechnical Workshop / Executive Briefing | San Jose, CA


Denver

Toronto

New York Paris

LondonAmsterdam

Brussels

StockholmMoscow

Mumbai

Singapore

SydneyCape Town

Madrid

Riyadh

Johannesburg

Atlanta Dallas

Frankfurt

Sao Paulo

LagosKuala Lumpur

Tel Aviv

Washington DC

Chicago

Los Angeles

Copenhagen

Melbourne

Milan

Hong Kong Taipei

Zurich

Chennai

Tianjin

Tokyo

Doha

DubaiAbu Dhabi

Miami

Jeddah

Al Khobar

Warsaw

Seattle

Oslo

Shanghai

Auckland

Seoul

Global data center footprint brings security close to the user

2: https://www.peeringdb.com1: https://www.zscaler.com/threatlabz/global-internet-threats-insights

Requests processed/day60B+

Threats blocked/day1100M+ 120K+

Unique security updates/dayDatacenters in six continents100

Office 365 DC Peering

2TbPeeringCapacity

Peering with content and service providers

Nestle, Siemens, and GE have users being secured by all Zscaler DCs

9May2019 Avantec Internet Access Webinar€¦ · Office 365 Faster User Experience Secure SD-WAN...

Documents

Transcript of 9May2019 Avantec Internet Access Webinar€¦ · Office 365 Faster User Experience Secure SD-WAN...