In a multitenant environment, customers share the same application, operating environment, hardware, and storage mechanism. This is distinct from virtualization, wherein every application runs on a separate virtual machine with its own operating system.
A multitenant cloud is commonly likened to an apartment building—residents have keys to their own separate apartments, but they all share the infrastructure that delivers water and power. The provider (or the landlord, in this example) sets overarching rules and performance expectations for customers (tenants), but the individual customers have private access to their data.
Multitenant architecture refers to hardware or software architecture in which systems, software applications, or data belonging to multiple organizations or individuals are hosted on the same physical hardware. In a single-tenant architecture, meanwhile, the hardware and its resources are exclusively dedicated to one tenant. Let’s compare some of the attributes of these two architectures:
Multitenant architecture:
Serves multiple tenants with one instance
Makes cost-effective use of shared resources
Isolates tenant data with tight access controls
Offers efficient deployment and scalability
Relies on the vendor for maintenance
Single-tenant architecture:
Serves one tenant with one instance
Often costs more due to dedicated resources
Isolates tenant data with private infrastructure
Meets specific data privacy requirements
Relies on the operator for maintenance
Most commercial public cloud services are based on multitenant clouds, including:
Cloud service providers offer multitenant applications and services as a way to share cloud compute resources, with numerous benefits for the providers and their customers.
Multitenant clouds take advantage of their underlying architecture to provide:
Today’s organizations rely heavily on cloud-based apps as well as cloud platforms like Microsoft Azure and Amazon Web Services (AWS). As their transformations mature, many are realizing that it makes more sense to secure their traffic in the cloud rather than continue to depend on their on-premises data security.
On-premises hardware vendors are responding by promoting hybrid solutions in which appliances handle data center security while similar security stacks, housed in cloud environments, handle mobile or branch security. This hybrid strategy complicates, rather than simplifies, enterprise security by offering organizations none of the speed, scale, global visibility, or threat intelligence benefits of a true cloud service—benefits only a global multitenant architecture can provide.
Today, everything from your applications to sensitive data and traffic runs or is stored outside your perimeter. It’s likely your users are often outside it, too, and as such, you need to provide consistent, secure access to apps and services wherever your users are, whichever devices they’re using. It’s this very need that gave rise to the secure access service edge (SASE).
Gartner defines SASE as a solution that offers “comprehensive WAN capabilities with comprehensive network security functions (such as SWG, CASB, FWaaS, and ZTNA) to support the dynamic secure access needs of digital enterprises.” True SASE architecture is distributed and globally accessible, providing seamless and secure connectivity, high bandwidth, low latency, and a great user experience anywhere.
Some SASE solutions use a dedicated instance per customer, but this limits the solution’s scalability. Moreover, this model relies on a single-tenant architecture that uses network-based access policies, whereas access policies in a SASE model should be based on user access. This often results in:
The most effective SASE solutions are built from the ground up to be multitenant, with well-developed cloud infrastructures distributed across upwards of 100 data centers worldwide. Multitenant architecture allows users to access any of the SASE provider’s data centers and stay secure, all in an environment that can scale globally on demand for fast-growing organizations.
Zscaler leverages multitenancy to scale, easily scanning every byte of data coming and going—on all ports and protocols, including SSL—without negatively impacting performance or the user experience. The Zscaler cloud is always up to date, and as soon as it detects a new threat anywhere in the world, it sends instant protection to all customers.
Zscaler security controls are built into a unified platform, so they communicate with each other to provide a cohesive picture of all the traffic that’s moving across your network. Through a single interface, you can gain insight into every request—by user, location, and device around the world—in seconds.