Announcing Major Enhancements to Business Continuity Cloud for ZPA: Deploy Faster, Test with Confidence, and Operate with Ease

For any organization, having a disaster recovery plan is standard practice. As part of all our cloud services, Zscaler offers high resiliency to withstand outages as a result of a component failure, a blackout, or a brownout. However, in case of critical failures caused by black swan events like undersea cable cuts, we find that our customers endeavor to keep the operational readiness and security efficacy with 3rd party solutions like a VPN or a network firewall. Even with this  plan, the key challenges remain: Can you failover automatically? Autonomously? Can you keep consistent security policies? Can you deliver the same level of security, and user experience during these critical failures? And can you prove compliance at every step?

To address these challenges, Zscaler offers its Business Continuity Cloud offering for both ZIA and ZPA. Several of our large and enterprise customers have adopted the solution—whether choosing the Zscaler-managed or customer-hosted option—and are already seeing significant value. 

Building on that momentum, we're announcing major enhancements across four key areas to Business Continuity Cloud for ZPA: simplifying deployment, readiness testing, component hardening and streamlining Day 2 operations.

1. Effortless Deployment: Get Production-Ready in Record Time

We are making it faster and easier to deploy customer-hosted business continuity solution.

• Deploy Faster with Prebuilt Images

  Use ready-to-deploy images for AWS, Azure, and VMware (.ova), drastically accelerating your deployment.

• Use Your Existing Identity Provider

  Integrate with your existing Okta and Entra ID configurations. This eliminates redundant IDPs for DR, ensuring a consistent authentication experience for users during Business Continuity mode.

  

• Maintain Performance and Compliance with PSE Redirection

  Business Continuity now honors your existing Private Service Edge (PSE) redirection policies, ensuring users are always routed to the configured PSE for performance and compliance, even during a failover event. This is critical for organizations that need to comply with regional geo fencing mandates.

2. Ensure Readiness With Confidence: Test and Validate Your Plan Continuously

Now, you can validate your setup with granular control and minimal risk.

• Toggle based Trigger for Private Infrastructure

  Through a simple toggle in the ZPA portal, administrators can now force specific components (App Connectors, Private Service Edges and Private Cloud Controllers) into Business Continuity mode. This is ideal for running scheduled drills, training your operations teams, and satisfying auditors who require proof of readiness.

  

• DNS Based Trigger for Users

  Test before you deploy. With DNS-driven activation, you can now pilot Business Continuity mode with a select group of users to confirm your configuration is working correctly. Once validated, you can roll it out across your entire organization. The DNS-driven switchover also gives you manual override control to switch all users into business continuity whenever necessary.

  With this approach, you can:

a. Test Business Continuity with specific user groups before rolling it out organization-wide,                              reducing risk and validating your configuration.

b. Maintain continuous validation by always sending a percentage of your users through the                               Business Continuity infrastructure to ensure the solution works as expected.

c. Manual override for failover by forcing users into Business Continuity if the automatic mechanism                   isn't triggered.

d. Meet compliance requirements by forcing users into Business Continuity every 3-6 months for                       mandatory compliance testing.

3. Component Hardening: Secure Your Business Continuity Environment

Your business continuity environment requires the same robust security as your primary production setup. We've added two critical layers to harden the solution.

• Configuration Backup and Restore 

  You can now easily back up and restore your Private Cloud Controller configurations, providing an essential safeguard against data loss and simplifying recovery procedures.

  

• Database Encryption

  All Business Continuity databases are now encrypted by default, protecting your configuration data from unauthorized access.

4. Streamlined Day 2 Operations: Simplify Management and Troubleshooting

For customers that have deployed the on-premises self-hosted option, we've simplified Day 2 management and troubleshooting with new tools.

• Enhanced Debuggability 

  New commands allow administrators to quickly review Business Continuity configuration, status, Private Controller health, and Private Cloud Controller redirections. These diagnostic tools are especially valuable when the ZPA Portal may be unavailable.

• Stay Informed with Proactive Notifications 

  Receive automatic notifications for critical events, enabling your team to respond faster and manage the environment proactively.

• Remote Support Information

  Administrators can now run commands on Private Cloud Controllers directly through the ZPA Admin Portal, eliminating the need for manual SSH login. This capability significantly speeds up troubleshooting and reduces operational overhead.  

Looking Ahead

These enhancements represent our commitment to making Business Continuity Cloud for ZPA not just a failover solution, but a compliant, testable, and enterprise-grade business continuity solution. Whether you're setting up Business Continuity Cloud for the first time or looking to upgrade from your existing ZPA Disaster Recovery implementation, these updates provide the tools and flexibility to ensure continuous, secure access to your applications. And we're not stopping here—with dedicated dashboards and more coming soon, we are committed to making sure your business is always on and always secure, no matter what.

Ready to move from planning to true operational readiness? Choose the path that’s right for you:

For a hands-on look:[Take the Self-Guided Product Tour]  

For a tailored discussion:[Sign-up to Chat with an Expert]