The appliance way EndFragment
Expensive to backhaul and scale Poor user experience EndFragment
The hub-and-spoke way EndFragment
You’ve had two challenging choices for zero-day malware protectionEndFragment
Expensive to deploy and maintain Appliances run in isolation EndFragment
Broadband EndFragment
Cloud protection for all users and locations against advanced threatsEndFragment
Better user experience and cost-effective to deploy and manage EndFragment
MPLS EndFragment
No hardware or software to deploy and manage Reduced MPLS backhaul costs Fast and local user experience EndFragment
Use arrow button to navigate
Zscaler Cloud Sandbox
Paris
Singapore
San Francisco
You have to deploy sandboxes in all your gateways.
London
How do you protect all your users from zero-day malware?
Cloud Sandbox EndFragment
Here’s a new way:
• Quarantine patient zero • Upload files for analysis (file check portal) EndFragment
Zero-day malware protection for all users in all locations. EndFragment
Uniform policies across all users and locations Inline inspection of all suspicious and unknown files Integrated platform service Cloud effect EndFragment
• Pre-filters all known bad threats (40+ threat feeds) • Native SSL inspection (no performance impact) • APT protection – inbound and outbound traffic • Rich forensics – user, location origin, evasive tactics... EndFragment
• Identified once, immediately blocked for all customers EndFragment
Introducing Zscaler Cloud SandboxEndFragment
• Single console to define global policies • Immediate enforcement of policy changes EndFragment
Check your securityEndFragment
CHECK YOUR SECURITY
Run the Zscaler Security Preview to find out how well you’re protected right now. It’s quick, safe, and informative. 
BACK TO ZSCALER.COM  >
Traditional appliances are having trouble keeping upEndFragment
54% EndFragment
Inspecting all traffic can require 8X more security appliancesEndFragment
of advanced threats hide behind SSL EndFragment
– 2016 data breach investigation, Verizon EndFragment
99% EndFragment
– 2016 ThreatLabZ Research EndFragment
of malware hashes are only seen for 58 seconds EndFragment
Ransomware (Nymaim) EndFragment
Zero-day malware attacks – Aviation customer, March 2016
Infostealer Trojan (Ballad) EndFragment
Threats blocked 30 seconds after malware confirmation
New threats sandboxed and blocked for ALL customers in 30 seconds. EndFragment
“We turned it on and it just worked.” EndFragment
CryptoLocker attack – Banking customer, October 2015EndFragment
• 1,352 CryptoLocker emails came in over six hours • 114 evaded legacy controls • 9 employees clicked the link • 6,500 file shares were destroyed EndFragment
• Another CryptoLocker attack ensued • 5,405 infected emails arrived in over six hours • 169 evaded legacy controls • 11 employees clicked the link • 0 infections EndFragment
Zscaler evaluation had just started, minimal rollout 60 hours later: Zscaler was activated for all users EndFragment
Threat score
Gain a complete picture of what’s happening in the sandbox EndFragment
Delaying code execution to avoid sandbox detection
Opening ports to allow remote connectivity
Sniffing traffic
Trying to allow remote control
Why Zscaler for zero-day malware protection? EndFragment
Part of an integrated cloud security platform EndFragment
Zscaler Cloud Sandbox
• Central console to define security policies – web, firewall, sandbox, and DLP  • Full inline protection with native SSL inspection – patient-zero quarantine  • Uses cloud intelligence to pre-filter known bad files • APT protection – inspect bi-directional traffic (botnet communications, XSS) • Correlates user (not just IP address), location, file type, and behavior analysis EndFragmentEndFragment
Better value EndFragment
Cloud effect EndFragment
• Checkbox to turn on – no hardware to buy, deploy, and manage  • Protection for all users irrespective of device and location  • No need to backhaul Internet traffic over MPLS or VPN  EndFragmentEndFragment
• A threat detected by any customer is immediately blocked for all customers  • Cloud intelligence enhanced by 40+ partner feeds EndFragmentEndFragment
Quarantine all files from suspicious destinations
With Zscaler, you can tailor policies for better security and a good user experienceEndFragment
Allow Word and PDF file downloads, but also scan
Allow IT security to download malicious files
Purchase what you need and you can always expand with a click of a button
POWERED BY PATENTED TECHNOLOGIES
URL FILTERING
DATA PROTECTION
FILE TYPE CONTROLS
Zscaler Cloud Sandbox  EndFragment
THREAT PREVENTION
ByteScanTMEach outbound/inbound byte scanned, native SSL scanning
DNS FILTERING
CLOUD SANDBOX
BANDWIDTH CONTROL
PageRiskTMRisk of each object computed inline, dynamically
ANTI-VIRUS
CLOUD APPS (CASB)
NanologTM50:1 compression,   real-time global log consolidation
DNS SECURITY
CLOUD FIREWALL
ACCESS CONTROL
PolicyNowTM Polices follow the userfor same on-premise, off-premise protection
DATA LOSS PREVENTION
SSMATM All security engines fire with each content scan – only microsecond delay
A service of the Zscaler Cloud Security Platform. EndFragment
ADVANCED PROTECTION