ZSCALER

Cutting Edge Zscaler Cloud Protection

Zscaler offers a multi-tenant, distributed cloud security platform that effectively moves security into the internet backbone. The service is delivered from more than 100 data centers located around the world, enabling organisations to fully leverage the promise of cloud and mobile computing at high performance levels. Zscaler delivers unified, carrier-grade internet security, next generation firewall functionality, web security, sandboxing, advanced persistent threat (APT) protection, data loss prevention, SSL inspection, traffic shaping, policy management and threat intelligence. There is no requirement for an investment in on-premise hardware, appliances or software.

Zscaler is a Securite Partner

Cloud Based Security – the business driver

Zscaler was built on the premise that business and personal applications were moving to the cloud and Web 2.0 features were driving the evolution of web-based apps. As the rate of change increased, the adoption of mobility would grow exponentially and users would demand to be able to work from anywhere.

Securite is a Zscaler Partner

Perimeter-based security appliances can’t provide real protection, because both users and the apps reside outside of the perimeter safeguards used in legacy infrastructure. Point products, including market leaders, are not designed to interact with one another and see only individual pixels, not the entire picture. The most effective place to handle security is in the cloud, between the users and the web, where threats evolve constantly.

The Zscaler differentiator – architecture

A cloud-based firewall proxy architecture designed to examine web traffic over all ports and protocols, including the growing segment that is SSL encrypted. Policies must follow the user irrespective of their location or device. Security functionality must interoperate and combine aggregated insights to provide a holistic perspective. The cloud platform must be capable of recognising threats independent of signature feeds and easily propagate threat information across the cloud in real-time. Visibility must be available in real-time and provide granular controls that offer an at-a-glance view down to the user and/or device level with a few mouse clicks.

Some of the features:

  • Distributed, multi-tenant architecture, built from the ground up for elastic scale while maintaining security and data privacy
  • 10 Gbps platform, based on a next-gen TCP stack and drivers as well as revolutionary Single Scan Multiple Action technology that enables inspection of every byte of traffic by every service
  • ByteScan, which provides ultrafast content scanning as well as detection of malicious sites, content, and data loss, removing dependency on signatures
  • Page Risk Index, which delivers dynamically computed information based on real-time web activities instead of relying on reputation alone
  • Nanolog, which encrypts and compresses web logs in a 50:1 ratio to enable complete visibility and drill-down in seconds

Central Authority (CA)

The Central Authority complex is the brain of the Zscaler cloud. The CA manages and monitors all nodes and ensures that they are always up-to-date with the latest real-time feeds and software, and that they are synchronised to propagate threat intelligence cloud-wide. The CA directs users to the closest Zscaler Enforcement Node ensuring that policy follows the user with minimum latency. The Central Authorities are a globally distributed peer-to-peer cluster with an automatically elected master. This ensures all cloud components can always talk to a CA even if there are major internet outages that isolate an entire region.
Through its multi-tenant architecture, the CA provides each organisation with its own secure portal to administer policy. Any change to the policy is communicated to the ZENs within seconds. The CA provides an end user authentication framework through integration with Secure LDAP or ID Federation systems.

Zscaler Enforcement Node (ZEN)

An enterprise forwards all web traffic to the nearest ZEN, where security, management, and compliance policies served by the CA are enforced.
Powered by over thirty patents, each ZEN is a fully featured inline proxy that enforces policies with user-level granularity. The ZEN incorporates a hardened custom-built OS and a custom TCP/IP stack to deliver 90% of transactions in less than 90 microseconds. Zscaler’s ByteScan™ technology enables each ZEN to scan every byte of the web request, content, responses, and all related data for inline blocking of threats like viruses, cross-site scripting (XSS), and botnets. This capability also enables Dynamic Content Classification (DCC) of unknown sites. By scanning each page, the ZEN computes a PageRisk™ index for every page loaded and enables administrators to control content served to their users based on acceptable risk. The ZEN also incorporates Zscaler’s unique authentication and policy distribution mechanism that enables any user to connect to any ZEN at any time. This enables enterprises to simply point traffic to any ZEN and ensure full policy enforcement while getting all reports back in real-time.

NanoLog™ servers

Backed with multiple patents, Zscaler’s NanoLog™ technology on every ZEN performs lossless compression of logs by a factor of 50:1, enabling administrators to access any transaction log almost instantly. Logs are transmitted every second to the NanoLog™ servers over secure connections, and multicast to multiple servers for redundancy. Through an innovative reporting and database framework created specifically for web logs, the NanoLog™ server can support 15 million logs per second. This technology provides an administrator with real-time reports and the capability to query complete transaction level details for any user, department or location at any time in seconds. Each server has over 16 Terabytes of capacity, enabling Zscaler to provide multi-year data retention.