Zenith Live 2019 Keynotes Watch Now
Zenith Live 2019 Keynotes Watch Now
Products > Zscaler Private Access

Zero trust access to your private apps

You no longer have to choose
between user experience and security.

Read the eBook

The challenge of network-centric security

For 30 years, enterprises have relied on network-centric methods to connect users to the network, and by extension the applications running on it. But the way users work has changed, and with applications moving to cloud, the perimeter has extended to the internet. This renders network-centric solutions, like remote access VPNs, obsolete.

Common pitfalls of network-centric approaches:
  • Places users on-net which increases risk
  • Provides a poor end user experience
  • Inbound connections create opportunity for DDoS attacks
  • Requires appliances, ACLs and FW policies
  • No ability to provide application segmentation
  • Lack of visibility into app-related activity
a diagram showing the workflow of remote access vpns

Zscaler Private Access

The experience users want with the zero trust access IT needs

Zscaler Private Access (ZPA) is a cloud service from Zscaler that provides seamless, zero trust access to private applications running on public cloud or within the data center. With ZPA, applications are never exposed to the internet, making them completely invisible to unauthorized users. The service enables the applications to connect to users via inside-out connectivity versus extending the network to them. Users are never placed on the network. This zero trust network access (ZTNA) approach supports both managed and unmanaged devices and any private application (not just web apps).

Read the Datasheet
a diagram showing ZPA provides secure and consistent access regardless of where the app is running
See Our Solution View the Challenge
Zscaler helps NOV, a 150-year-old Oil & Gas offshore company with ZPA services

NOV, a 150-year-old oil and gas company, uses ZPA to enable zero trust for over 7,000 apps and 10,000 users.

Watch Video

Growmark, a U.S.-based agricultural supply cooperative, enabled zero trust access to SAP and cloud apps with Zscaler’s ZTNA technology.

Watch Video

See how Paychex empowers a seamless application experience for users while accelerating and simplifying M&A IT integrations

See how Paychex empowers a seamless application experience for users while accelerating and simplifying M&A IT integrations.

Watch Video

MAN energy solutions makes zero trust possible with zscaler private access

See how MAN Energy Solutions uses ZTNA technology to provide zero trust access to private applications at sea.

Watch Video

Zscaler Private Access Benefits

Justification for making zero trust network access (ZTNA) technology part of your cloud transformation.

A better access experience

Users have seamless access across all apps and devices. Uses same Zscaler App as ZIA. Also, browser access is available for web apps.

Never place users on-net

Authorized users have access to specific private apps without the need to access the network, reducing the risk of lateral movement and the spread of ransomware.

Segment by application, not network

Micro-tunnels enable network admins to segment by application with no need to segment networks or manage ACLs or FW policies

Inside-out connectivity means app invisibility

Service-initiated ZTNA architecture ensures apps connect outbound to authorized users. IP addresses are never exposed and DDoS is impossible.

The Internet becomes the new corporate network

Cloud adoption extends the perimeter to the internet. Use TLS-based encrypted tunnels and custom PKI to ensure private apps remain secure.

100% cloud-delivered ZTNA service

ZTNA as a service allows for simple management, high availability, greater scale, and strong protection against DDoS attacks.

ZPA: Zero trust network access (ZTNA) delivered as a service

Zscaler Private Access (ZPA) takes a user- and application-centric approach to private application access. A fully cloud-delivered service, ZPA ensures that only authorized users have access to specific private applications by creating secure segments of one between individual devices and apps. That means no more network access, no more lateral movement. And, rather than relying on physical or virtual appliances, ZPA uses lightweight software to connect apps and users to the Zscaler security cloud, where the brokered micro-tunnels are stitched together in the location closest to the user.

ZPA software-defined architecture for how we provide secure connectivity to private apps running across hybrid or multi-cloud environment
1.  Zscaler Broker
  • Hosted in cloud
  • Used for authentication
  • Customizable by admins
  • Brokers a secure connection between a Z-App and a Z-connector
2.  Zscaler App
  • Mobile client installed on devices
  • Requests access to an app
3.  App Connector
  • Sits in front of apps in the datacenter, Azure, AWS, and other public cloud services
  • Provides inside-out TLS 1.2 connections to broker
  • Makes apps invisible to prevent DDoS attacks

Discover and secure shadow IT applications

Many enterprise teams are unaware of the sheer number of applications in their environment. ZPA identifies previously undiscovered internal applications running in the datacenter or on public cloud infrastructure. Once identified, admins can set granular policies for each application, ensuring the environment remains secure and controlled. This, combined with ZPA’s ability to make known applications invisible to unauthorized users, reduces the attack surface dramatically.

ZPA dashboard capture showing how many internal applications are running in the datacenter

Choose application segmentation, not network segmentation

In the past admins needed to segment networks to ensure secure user connections. Today, enterprises use ZPA to control which users access which applications. Admins can easily set granular policies at the application level for specific users, users groups, applications, application groups and associated subdomains.

1.  Create and define policy names
2.  Set different permissions levels for users and user groups
3.  Select the applications each policy is associated with
4.  Easily add new rules and policies for your users and applications from within the UI

Suggested Resources


Watch a demo of Zscaler Private Access

Watch Now 

ZPA Datasheet

Learn more about Zscaler Private Access (ZPA)

Read Now 

Interactive Demo

Take ZPA for a Test Drive

Begin Interaction 

Gartner ZTNA Market Guide

Learn more about zero trust network access (ZTNA)

Read the Guide