In a world of cloud and mobility, network
security is essentially worthless.

With apps in the cloud and users connecting from
everywhere, what’s left for your network security to protect?

It’s time to rethink network security

Networks were designed to connect users to apps in the data center and we built a secure perimeter around the network to keep those users and apps safe from the outside. But with apps moving to the cloud, and users connecting from everywhere, the perimeter is gone. It’s time to decouple security from the network and use policies that are enforced anywhere apps reside and everywhere users connect.

The world has changed. So why is security still anchored to the data center?

The Old World

On-premises data center

Hub-and-spoke: backhaul traffic to the on-premises data center

Castle-and-moat: to secure the corporate network

The New World

Public cloud, SaaS

Direct-to-cloud traffic routed locally to the internet

Securely connect users and devices to applications regardless of network

To secure the new world, flip the security model

In the past, you had to be on the network to get security protections. But by moving security off the network and into the cloud, you put the full stack of network security engines everywhere your users go. Because security protections are applied consistently, you have the exact same protections in a branch office, at home, or in an airport as you have in the HQ.

Move from a network-centric security model to a user-centric approach for fast, consistent policy enforcement

a diagram showing, in the past, you had to be on the network to get security protections
Arrow an arrow to flip the security model
a diagram showing, move from a network-centric security model to a user-centric approach for fast, consistent policy enforcement

Why move security to the cloud?


Faster user experience

Users connect directly to the nearest Zscaler data center—one of more than 150 worldwide—taking the shortest path to the application or internet destination.


Reduced costs

Zscaler eliminates the cost of buying and managing multiple network security appliances and reduces dedicated WAN costs.


Better security

The Zscaler platform provides full inline inspection of internet traffic, including SSL, and correlates threat data in real time.



Zscaler delivers the functions of a traditional internet gateway as a cloud service, reducing the cost and complexity of network security.

Security Cloud by Zscaler

The Zscaler Cloud Security Platform provides fast and secure policy-based access to internally and externally managed applications. It’s the complete gateway stack—inbound and outbound—delivered as a cloud service.

diagram showing zscaler cloud security platform

Externally Managed Apps

Secure connections to externally managed SaaS applications and internet destinations

Full inline content inspection
all ports and protocols, native SSL scanning
Integrated security techniques
with dynamically computed risk score
Cloud intelligence
identified once, blocked for all customers; 120,000 unique security updates each day
Over 40 industry threat feeds
commercial feeds, open source, private working groups

Internally Managed Apps

Securely connects authorized users to internally managed applications

Users are never on the corporate network
which minimizes your attack surface
Apps are invisible, never exposed to the internet
and internal apps cannot be discovered or exploited
Segment apps without network segmentation
lateral movement is impossible
Easily move internal apps to Azure or AWS
private apps are accessible with a cloud-like user experience

Are there gaps in your security?