Zscaler 5.6: New features for analyzing risks and improving threat detection
As we counsel our customers, cloud transformation requires a shift in how we think about network and security architectures. At Zscaler, we’re always pushing that thinking forward, helping enterprises realize their vision for fast, secure access to apps, no matter where users connect. With our Zscaler 5.6 release, we’re pioneering ways to improve visibility, strengthen security, and enhance usability. The 5.6 release includes dozens of features that are rolling into production now. Here are a few highlights.
Enhanced Cloud IPS takes threat protection to a higher level
Our 5.6 release includes enhanced Cloud IPS capabilities, which are tightly integrated with Zscaler Cloud Firewall, so that enterprises can restore the threat protection commonly lost due to cloud and mobility. Zscaler Cloud IPS also helps thwart attackers that increasingly target users. Traditional IPS was designed to protect servers in the data center. But today, most threats target users, not servers, and traditional IPS simply can't follow the user connection. Zscaler Cloud IPS enhancements help restore intrusion protection to the user connection in all locations, on-network and off-network. All users and offices receive always-on IPS threat protection and coverage, no matter where they are or what devices they’re using.
Better together: Risk scores and API integrations leverage the power of peers and partners
When enterprises tap into the knowledge of their peers, and technology from the Zscaler ecosystem, the result is better intelligence and security. New to 5.6 is Company Risk Score, which helps security teams gauge their risk posture compared to other organizations. This new feature, along with Peer Comparison, helps customers gain insights into risk trends that are industry-wide or localized, tipping them off to improvements they may need to adopt. For example, security teams can analyze threats blocked, active infections, and suspicious activity, then compare the results to industry peers.
API integrations are another way Zscaler customers can tap into expertise. Using a wizard for guided partner integration setup, customers can better integrate and automate security systems within Zscaler—such as SD-WAN and CASB closed-loop integrations—taking advantage of our strong partner ecosystem. The integrations are simple to turn on and easy to deploy.
DLP EDM, DNS tunneling, Newly Registered Domains, and Splunk
We’re also enhancing data loss prevention (DLP) in 5.6 by adding Exact Data Match (EDM). DLP EDM allows customers to index structured data so that sensitive information leaving the network can be identified and protected with more precision. Customers can index and hash up to 1 billion cells of their most critical data, and automatically block or alert if that data appears in traffic leaving the network from anywhere in the world, without the indexed data itself ever leaving the customer’s premises. Full integration with Zscaler’s SSL visibility, and policy that follows the users on or off the network, make this a unique and necessary feature for today’s cloud-first world. In addition, the 5.6 release offers more DLP functionality, including new, preconfigured dictionaries as well as additional file-type controls for data, such as Microsoft Outlook Exchange PST files.
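The exact-data-match idea described above, as an added example that is not Zscaler's code or algorithm: cells are normalized and hashed where the data lives, only the hashes go to the inspection point, and outbound text is flagged when several cells of the same record appear in it. The HMAC-SHA-256 keying, the normalization rule, the two-cell threshold and all sample records are assumptions constructed for illustration.

```python
import hashlib
import hmac
import re

# Assumption: a key shared by the indexer and the inspection point. A keyed
# hash slows offline guessing of low-entropy cells from the index alone.
INDEX_KEY = b"constructed-demo-key"

# Constructed sample rows: (email, national id, card number).
RECORDS = [
    ("alice.ng@example.com", "123-45-6789", "4111111111111111"),
    ("bob.ruiz@example.com", "987-65-4321", "5500005555555559"),
]

def normalize(cell):
    """Lowercase and drop separators so '123-45-6789' equals '123456789'."""
    return re.sub(r"[\s\-.]", "", cell.lower())

def cell_hash(cell):
    return hmac.new(INDEX_KEY, normalize(cell).encode(), hashlib.sha256).hexdigest()

def build_index(records):
    """On-premises step: map each cell hash to the rows that contain it.
    Only this hash index is shipped; the plaintext rows stay where they are."""
    index = {}
    for row_id, row in enumerate(records):
        for cell in row:
            if normalize(cell):  # skip empty cells
                index.setdefault(cell_hash(cell), set()).add(row_id)
    return index

def scan(text, index, min_cells=2):
    """Inspection step: return ids of rows with at least min_cells distinct
    cells present in the outbound text. Requiring several cells from the
    SAME row is what separates an exact match from a pattern match."""
    hits = {}
    for token in set(re.findall(r"[\w@.\-]+", text)):
        h = cell_hash(token)
        for row_id in index.get(h, ()):
            hits.setdefault(row_id, set()).add(h)
    return sorted(r for r, cells in hits.items() if len(cells) >= min_cells)

if __name__ == "__main__":
    idx = build_index(RECORDS)
    for msg in ("Payroll fix for alice.ng@example.com, SSN 123-45-6789.",
                "Contact bob.ruiz@example.com about the invoice.",
                "alice.ng@example.com and 987-65-4321"):
        print(scan(msg, idx), "<-", msg)
```

The third message contains one cell from each of two different records, so it stays below the per-record threshold even though two indexed values appear in it.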
Our new DNS tunnel detection feature uses machine learning techniques to detect and stop data exfiltration in tunnels masquerading as DNS traffic, and provides granular controls to allow legitimate DNS tunnels (such as AV signature updates) while blocking others.
With a new feature in URL filtering, you can set your policies to block Newly Registered Domains, those sites whose domains were created in the last 30 days. Such sites are fundamentally more dangerous, because attackers are constantly creating new domains that are not yet known to be malicious.
In addition, Zscaler App for Splunk integrates logs from across the Zscaler cloud with an existing Splunk installation, allowing SOC teams to leverage existing security workflows and further correlate threat and compliance events across the organization.
You’ll soon see 5.6 enhancements in your environment
Over the next month, 5.6 will be deployed across the complete Zscaler Cloud Security Platform. If you’d like to learn more about these exciting features, or how Zscaler can help you transform your network and security, just let us know!
The innovations we’re releasing in 5.6 will be highlighted at Zenith Live this week. We’re looking forward to sharing the news about all of the new features that improve the app experience and add greater security.