Every security leader wants to know precisely what risks are at play in order to control them. To make wise decisions and manage security effectively, you must have unfettered visibility — to instantly see the big picture and plunge as deeply as you need to analyze the data and quickly resolve critical threats.
The security requirement for visibility and management has been a considerable obstacle to cloud-first initiatives. It’s a valid concern for enterprise “clouds” using legacy hub-and-spoke connectivity, and for organizations establishing local breakouts with thousands of appliances stitched together with a patchwork of policies.
Using these approaches for branch transformation is asking for trouble; there is no way to easily know what is going on inside the cloud. Basic security data is unavailable about users, where they come from, what devices and apps they are using, what data is being accessed and downloaded, and so forth.
Even if this scenario produces basic security data, it usually requires massive correlation to unlock practical meaning. It’s a roadblock; instead of seeing the cloud clearly, security managers muddle through a shroud of incomplete operational data.
Our white paper, The Definitive Guide to Branch Transformation, describes the challenges of running thousands of next-generation firewall and unified threat management appliances in hundreds of branches. Their Achilles heel for visibility and management in a cloud-first initiative is unscalable logging. Security event files are usually overwritten every few days due to lack of log space. Integrating all log files for all users, devices, and traffic in the cloud is a pipe dream.
Zscaler’s approach puts the entire security stack into the global cloud. The architectural simplicity vastly improves visibility and management. Instead of connecting to half a dozen sources for data, Zscaler puts it all in one place with instant, global correlation. SLA-backed storage of logs for blocked traffic is six months; full session-by-session logging and storage for six months is also available.
Your security team may be used to struggling with patchworked, cobbled-together “reports” containing thousands of lines of numbers and codes, but such reports amount to a lot of gibberish with little practical value. By contrast, Zscaler presents your security data in plain English on a single dashboard. There are 28 fields that link to deeper analytics and details on demand.
AutoNation, which is America’s largest auto retailer, faced unique challenges while working to support a rapidly expanding business. Its legacy network served more than 26,000 employees at over 360 new and used car franchises throughout the U.S. Each of the more than 30 car manufacturers supported by AutoNation had varying requirements for connectivity. With the old system, AutoNation lacked the visibility it needed to effectively manage security, so it turned to Zscaler.
Zscaler’s all-cloud approach required just a few months for initial rollout, and immediately allowed AutoNation to detect and eliminate a botnet. Ken Athanasiou, the CISO and Vice President of AutoNation, says visibility with Zscaler speeds incident response with user authentication and easy tracking of audit trails. “There’s no more identifying IP numbers and correlating to a specific user,” says Athanasiou. “We can now see all our locations’ user traffic from a single console. Rule changes are made once and immediately enforced everywhere.”
For executives and board members, Athanasiou says Zscaler makes it easy to show what types of threats and attacks are attempting to hit AutoNation on a daily basis. This enables informed security policy management at the highest levels.
“The visibility and control offered by Zscaler allows us to make smart policy decisions that improve our users’ experiences while allowing us to ensure we are appropriately managing our risk environment,” says Athanasiou.
I invite you to see your cloud clearly and manage security wisely. A good place to start is by looking into our white paper, The Definitive Guide to Branch Transformation.
Read all the blogs in this series on the five key requirements for branch transformation:
Jen Toscano is Sr. Product Marketing Manager at Zscaler.