In 2023, there has been a more than 37% increase in ransomware attacks. The average ransom payment for enterprises has surpassed $100,000, with an average demand of $5.3 million¹. Even the White House laid down a mandate to curb such attacks, calling for organizations to bolster their security with zero trust. A zero trust architecture establishes a connection to the specified application only and not to the entire corporate network. In the past, enterprises used remote access VPN technologies to connect remote workers to corporate applications. This approach expands the attack surface and results in lateral movement of threats across a company’s internal systems. A zero trust architecture, however, curtails such movements and eliminates the attack surface.

Zscaler Private Access (ZPA) is the Zero Trust Network Access (ZTNA) platform that applies the principles of least privilege to give users secure, direct connectivity to private applications running on-prem or in the public cloud while eliminating unauthorized access and lateral movement. As a cloud native service built on a holistic security service edge (SSE) framework, ZPA can be deployed in a matter of hours to replace legacy VPNs and remote access tools. In exploring secure private access, many organizations have adopted ZPA Private Service Edge, in which a localized version of Zscaler Private Access (ZPA) is deployed within the customer’s data center. This has enabled Zscaler customers to access private applications regardless of the location of the user and the app, with reduced latency and secure access. Now, Zscaler and Equinix together bring the ZPA service on Equinix Network Edge.

ZPA Private Service Edge on Equinix Network Edge

ZPA Private Service Edge (PSE) is a service that supports localized brokering in the same customer environment where private applications are hosted, such as colocation. The ZPA on-premises service enforces policies and stitches together the connection between an authorized user and a specific private application. When branch users or home office users are looking to access an application that is running in a private cloud, the connection between the user and the application is made with ZPA Private Service Edge, which is the shortest path to connectivity.

ZPA PSE is now available on Equinix Network Edge. This integration enables customers to host ZPA service locally in the same environment where their private applications are hosted. The joint solution improves application performance by reducing latency. It reduces unnecessary hops that traffic would need to travel if the ZPA service was hosted in the public cloud.

ZPA PSE service on Equinix Network Edge offers many benefits to customers, including:

Delivering a superior user experience: Connecting users directly to private apps eliminates slow, costly backhauling over legacy VPNs while continuously monitoring and proactively resolving user-experience issues.

Minimizing lateral movement: Applications are made invisible to the internet and unauthorized users, and IPs are never exposed using inside-out connections.

Enforcing least-privileged access: Application access is determined by identity and context— not an IP address—and users are never put on the network for access.

Stopping attacks with complete inspection: Private app traffic is inspected in line to prevent the most prevalent web attack techniques.

Agility: Easily scale up or scale down resources, depending on usage.

Cloud cost optimization: Run enterprise applications and ZPA services while optimizing overall cloud costs.

Performance: Minimize the impact on application performance by eliminating the need to incur additional hops.

Resilience: Ensure uninterrupted business continuity during blackouts, brownouts, and black swan events.

Figure 1: Zscaler PSE on Equinix Network Edge

ZPA Private Service Edge manages the connections between a Zscaler Client Connector for remote or branch users, a Zscaler Branch Connector for IoT/OT devices or servers, and the App Connector. ZPA Private Service Edge deploys as a lightweight virtual machine that is installed by customers within their own network environments. Once set up, ZPA Private Service Edge works in the same way as the ZPA cloud service.

Notable use cases of the joint solution include:

Connectivity Optimization: Fastest path of access for users.

Disaster Recovery: Continued access to critical apps during a brownout, blackout and black swan event.

Regulatory Compliance: Secure private access with zero trust architecture for regulatory purposes.

Global Reachability: Extends Zscaler capabilities to more locations across the world.

Zscaler and Equinix Collaboration

Zscaler is a leader in cloud security with more than 40% Fortune 500 customers and 12+ years running a cloud service that sits in the data path with a proven scale of more than 320 billion transactions. Globally, Zscaler has more than 5,600 customers and a revenue exceeding $1.5 billion in global revenue in 2022. We’re combining these capabilities with Equinix, the world’s digital infrastructure company^®, has the most dynamic global ecosystem of 10,000+ companies including 55%+ of the Fortune 500 customers and 460,000+ physical and virtual interconnections. Equinix is the world’s most expansive, secure, and sustainable data center platform with $7.2B+ of global revenue in 2022.

Zscaler and Equinix have been collaborating for 12+ years to accelerate cloud transformation for customers. Through this partnership, customers get global coverage with data centers in 32 countries and coverage across six continents.

Together, Zscaler and Equinix enable customers to have an optimized connectivity experience, so users can focus on enabling the business. ZPA Private Service Edge on Equinix Network Edge is offered today and is generally available. Please reach out to the Zscaler account team to request a demo.

For more details on the solution, please visit: https://www.zscaler.com/partners/equinix