Zscaler Cloud Platform

Why You Still Need a Firewall When Deploying Office 365

Why You Still Need a Firewall When Deploying Office 365

Companies seeking to get the most out of Office 365 and other SaaS applications must carefully consider their deployment options, particularly in the areas of security and connectivity. Because users can access these apps and services from wherever they are using any device, the jobs of network teams become more complex, requiring them to balance multiple paths of connectivity while navigating a wider, more diverse security environment than in the past.

Some companies assume that because Office 365 has both high-quality connectivity and security, they no longer need to worry about branch security. Nothing could be further from the truth. In fact, delivering scalable security for branch offices is crucial and can offer the added benefit of faster connectivity and a better overall user experience.

A connection is made

Microsoft recommends direct-to-internet connectivity for Office 365. This means moving away from the “traditional” model of routing a branch office user’s traffic through a central office before it reaches the internet. This model creates latency and a poor user experience, which nullifies the collaboration and productivity benefits of Office 365. That’s why direct connections are important for empowering users to maximize all aspects of the suite’s applications and services.

To enable direct connections, you need to control access to the internet from branch offices and for mobile users, which means you need to secure these connections—typically through a firewall. But, as we’ve noted, routing traffic through a centralized firewall can lead to massive latency issues. To optimize Office 365, you need to provide fast and trusted internet connectivity between Microsoft and wherever a remote user might be.

Office 365 has the benefit of built-in, high-end security. But not all cloud applications have such extensive security. The best way to understand and manage all cloud applications, not just Office 365, is to use a cloud-based firewall. A cloud firewall is a better way to manage security in a cloud architecture because it reduces the maintenance burden on your IT teams, freeing them from having to manage multiple devices and versions. Thus, the direct-to-internet structure used to support Office 365 deployments can also be leveraged to optimize all other cloud applications, helping you achieve better connectivity and security—and cut costs. Whether a branch office has five or 500 people, it should have the same level of protection, performance, and control as the security stack in the centralized internet gateway. A cloud firewall makes this possible.

A cloud firewall like Zscaler’s allows you to optimize your network and security. Zscaler Cloud Firewall enables you to understand traffic and recognize the identity of a user, application, and location, and see whether a device is authorized. Because of Zscaler’s peering relationship with Microsoft worldwide, you gain the added benefit of empowering users with improved connectivity. Zscaler has invested in a worldwide network and cultivated peering access points to Microsoft around the world to ensure a high level of performance and user experience.

By enabling you to use local internet breakouts, Zscaler Cloud Firewall helps you reduce costs. You can use inexpensive broadband to connect to the internet rather than routing everything through costly MPLS connections to a central internet gateway. And there’s no need to have expensive firewall appliances in every remote branch office.

Zscaler Cloud Firewall also sets you up for the future. As bandwidth demands expand, cloud-based firewalls allow you to handle growth or new patterns of use without having to lift, shift, and manage applications on their own. Centralized policy management provides configuration simplicity and global visibility that reduces the demands on network teams.

The security with Zscaler Cloud Firewall is also better than hardware alternatives. You can achieve proxy-like security on all ports and protocols, as well as DNS security and intrusion prevention (IPS) capabilities in every branch office, no matter its size. Your company will  have consistent protection and performance wherever users are.

Deploying Office 365 and other cloud applications using a traditional firewall with port- and protocol-based policies simply will not work, because there’s no way to tell whether or not a user or device is authorized. Zscaler Cloud Firewall is the ideal way to deploy SaaS applications in terms of both speed and security. Zscaler delivers the same security regardless of how users are connecting to a company’s network or applications. You can thus leverage Office 365 fully while protecting their other cloud applications and connections to the open internet. Ultimately, companies no longer have to make compromises between security, cost, or user experience. For many businesses, this is the key to achieving their broader cloud transformation and migration initiatives.

More resources:

Explore Zscaler Cloud Firewall and Zscaler for Office 365 or download the Zscaler Cloud Firewall ebook.

Naresh Kumar is Director of Product Management, Zscaler

Get the latest Zscaler blog updates in your inbox

Subscription confirmed. More of the latest from Zscaler, coming your way soon!

By submitting the form, you are agreeing to our privacy policy.