Security that Accelerates Business
One of the best things about a useful security product, is that it not only secures the environment but also accelerates business. Zscaler Private Access is an example of such a product. Customers buy it for the security, but love it for everything else it allows. Let me explain:
One of the ways ZPA delivers security is by cloaking applications inside the Zscaler cloud, the Zero Trust Exchange (ZTE). To access an application, a user uses DNS (it all starts with DNS) and is pointed to Zscaler where they must authenticate, their device must be up to snuff (running EDR of minimum version X, OS version Y, etc). Once all of that is verified, application access is extended through a proxy inside the ZTE. The end user never knows the application's IP address, but only sees a Carrier Grade NAT (CGNAT) address which the ZTE extends to the user. In other words, the application's network details are cloaked behind the ZTE. Cool security, huh? The reconn stage of threats falls flat on its face. Wait. It gets better...
领英推荐
What if you are trying to move application A from a datacenter to a colo, or from a data center to the cloud? Traditionally, one would leverage virtual networking to extend the infrastructure to the new location, then vMotion the app (in the case of DC to Colo), or do other unnatural network tricks, tunnels, and other means of extending the infrastructure. All of this requires timely, delicate planning to ensure connectivity, occasional network infrastructure upgrades to allow for jumbo frames, etc. Well, if that app lies behind the ZTE cloak, you can simply bring up the application in the new location with whatever IP addressing is desired at the same time as the application is running in the old location. Now, users in the AppA_Test_User group can be directed to the new instance of the app by policy while users in the App_A user group can be directed to the old app. This allows for testing and cutover in a far more efficient and expedient manner.
For more information, see this white paper discussing the DC to AWS use case.