Zscaler Blows Past 200 Billion Transactions a Day, Secured

Zscaler Zero Trust Exchange crossed an amazing new milestone – 200 billion transactions a day, secured. To put that in perspective take a look at what happens daily at Internet scale. While Google does not publicly report usage statistics, it is estimated that there are between 7 to 10 billion Google searches and around 5 billion YouTube videos viewed daily. So yes, 200 billion daily transactions through the Zscaler platform is an amazing scaling metric.

Zero Trust Exchange

The Zscaler Zero Trust Exchange enables fast, secure connections and allows your employees to work from anywhere using the internet as the corporate network. Based on the zero trust principle of least-privileged access, it provides comprehensive security by connecting the right user to the right application based on business policies that leverage identity, context and content of each transaction. The Zero Trust Exchange operates across 150 data centers worldwide, ensuring that the service is close to your users, co-located with the cloud providers and applications they are accessing, such as Microsoft 365 and public cloud applications. It guarantees the shortest path between your users and their destinations, providing comprehensive security and an amazing user experience.

The Zero Trust Exchange is based on three key tenets:

Connectivity based on identity, context, and content: Traditional VPNs and firewalls put users on the network for application access. Once on the network, the inherent trust placed in the user increases the risk of lateral movement of threats. Conversely, zero trust uses identity and policy based on context to securely connect authenticated users to only a specific authorized application based upon granular access and security policies, without ever putting users on the corporate network. Limiting access prevents lateral movement and reduces business risk. And because no network resources ever need to be exposed to the internet, you can protect against DDoS and targeted attacks.

Proxy-based architecture to connect to apps and inspect traffic: Next-generation firewalls struggle to inspect encrypted traffic. As a result, organizations often end up bypassing the inspection of encrypted traffic, increasing the risk of cyberthreats and data loss. Furthermore, firewalls use a “passthrough” approach, allowing unknown content to reach its destination before any analysis is complete. If a threat is detected, an alert is sent, but that can be too late. Instead, effective threat protection and comprehensive data loss prevention requires a proxy architecture designed to inspect SSL sessions, analyze the content within transactions, and make real-time policy and security decisions before allowing traffic to move on to its destination. And it needs to do all of this at scale, without impacting performance, no matter where your users connect.

Making applications invisible: The migration of applications to the cloud greatly expands the attack surface. Traditional firewalls publish your apps on the internet which means they can easily be found by users and hackers. A zero trust approach avoids exposing the corporate network to the internet by concealing source identities and obfuscating IP addresses. By making apps invisible to adversaries and accessible only by authorized users, the attack surface is reduced, and access to applications—on the internet, in SaaS, or in public or private clouds—are always secure.

A Day on the Zero Trust Exchange

You can see the Zero Trust Exchange live on our cloud activity dashboard. In the snapshot below taken from the dashboard, you can see that we processed 207 billion transactions in the past day, processing 7.2 million transactions per second during peak times! We enforced 7.1 billion policies based on identity, context, content, and business policies configured by different customers. We also stopped 139.1 million threats during the day.

The Zero Trust Exchange provides comprehensive security and risk mitigation by preventing compromise, stopping lateral movement of threats and preventing data exfiltration. Zscaler can intercept and neutralize modern cyber-attacks by disrupting the cyber kill chain in multiple stages. It can find advanced threats without compromising the user experience with inline inspection of all traffic, across all ports and protocols, including SSL encrypted content. It can instantly detect, prevent, and quarantine the most sophisticated ransomware and other threats with best-of-breed AI-powered security, including zero-day variants. It prevents attackers from discovering, exploiting, or infecting users and apps by making them invisible to the internet and only accessible through the Zero Trust Exchange with proper authentication.

You can get a real-time glimpse of threats that are being stopped by severity, volume, trends, categories, along with their origin and target on our global threat dashboard.

I posted a blog in April, 2020 when Zscaler crossed 100 Billion transactions a day. And here we are 18 months later, processing twice as much. We are seeing Moore’s law type exponential growth at massive scale on our platform. This would not have been possible without strong architectural foundations of the Zero Trust Exchange, the relentless innovation, passion and dedication of the team building and running it, and our rapidly growing customers that trust us every day to deliver a mission critical service.