Zscaler Zero Trust Exchange
The architecture for accelerating secure digital transformation
Transformation brings challenges
Application transformation is well underway with applications residing in SaaS and the public cloud, while being accessed by mobile employees, customers, and partners. Business no longer takes place on a trusted corporate network or inside a security perimeter. The legacy hub-and-spoke network with a castle-and-moat security models, which worked well during the pre-cloud and pre-mobile world, do not work anymore.
Legacy architecture challenges
Greatly increased attack surface
Risk of lateral threat movement
High cost and operational overhead
The Zscaler Zero Trust Exchange
A zero trust architecture built for business transformation
The Zscaler Zero Trust Exchange is a modern approach that enables fast, secure, connections and allows your employees to work from anywhere using the internet as the corporate network. Based on the zero trust principle of least-privileged access, it provides comprehensive security using context-based identity and policy enforcement.
The Zero Trust Exchange runs across 150 data centers worldwide, ensuring that the service is close to your users, co-located with the cloud providers and applications they are accessing, such as Microsoft 365 and AWS. It guarantees the shortest path between your users and their destinations, providing comprehensive security and an amazing user experience.
Zscaler Zero Trust Exchange benefits
Reduces cost and complexity
Simple to manage and deploy without the need for VPNs or complex firewall rules
Delivers a great user experience
Intelligently manages and optimizes direct connections to cloud applications
Eliminates the internet attack surface
Applications sit behind the exchange, preventing discovery and targeted attacks
Prevents the lateral movement of threats
Connects users to apps directly, without network access, to isolate threats
Three core attributes of the Zero Trust Exchange
Enhancements in the Zscaler Zero Trust Exchange platform expand your ability to bring zero trust to your environment while protecting against threats and data loss and simplifying policy creation.
Connect a user to an app, not a network
New APIs automatically create policies for apps and users, while machine learning allows for auto-segmentation of application workloads. These innovations accelerate policy-making and simplify microsegmentation.
Zero attack surface
Traditional firewalls publish your apps on the internet so they can be found by users—but also by bad actors. The Zero Trust Exchange makes apps invisible and accessible only by authorized users.
Proxy architecture, not passthrough
Unlike a next-gen firewall, a proxy architecture is designed for proper content inspection, including SSL, for effective cyberthreat protection and data loss prevention.
Four integrated and comprehensive solutions
Simplify IT and reduce costs by consolidating and eliminating point solutions
Secure Internet and SaaS Access
Data protection (DLP/CASB)
Secure local internet breakouts
Zscaler Internet Access
Secure Private App Access
Remote app access without VPN
Zero trust from office to DC
B2B customer app access
Zscaler Private Access
Secure Apps and Workloads
App segmentation without network segmentation
Cloud security posture management (CSPM)