What is Zscaler Private Access (ZPA)?

This is not meant to seem complicated, but firstly, to understand what Zscaler Private Access (ZPA) is, what it does… and why, it may be useful to understand a little bit about Zscaler Inc., courtesy of Wikipedia:

“Zscaler is a cloud-based information security platform delivered through more than 100 global data centres.

To use Zscaler, Internet traffic from fixed locations such as branch offices or factories, roaming devices and mobile devices is routed through Zscaler points of presence before going on to the public Internet.

Zscaler serves as a cloud-based proxy and firewall, routing all traffic through its software to apply corporate and security policies.”

What is Zscaler Private Access (ZPA)?

Eroding of the traditional network perimeter

Zscaler Internet Access (ZIA) was developed to address the challenge of managing security in a world where cloud computing, mobility and the IoT were eroding the traditional network perimeter.

The rise of Zscaler Internet Access (ZIA)

Zscaler requires no on-premises and on-device hardware or software. All you do is make Zscaler your next hop to the Internet, providing full protection from web and Internet-based threats.

Simply put, Zscaler Internet Access delivers your security stack as a service from the cloud, eliminating the cost and complexity of traditional secure web gateway approaches.

Gartner Magic Quadrant Secure Web Gateways 2019

OK, so what is Zscaler Private Access (ZPA)?

“Zscaler Private Access (ZPA) provides seamless, zero trust access to internal corporate applications, whether they’re located within your data centre… or in the cloud.”

What is a Zero Trust Network?

A Zero Trust Network is a holistic network security approach, where every person and device trying to access resources requires strict identity verification. With a Zero Trust Network, by default, no one is trusted – whether they are inside or outside the network.

Ok, that’s a start, but help me out here.

Why would I need Zscaler Private Access (ZPA)?

To really understand what ZPA is, we need to cut through Zscaler’s marketing messages and give you the stripped back overview.

  1. Cloud and mobility driving change

Traditional corporate networks have changed. The perimeter has extended to the internet via adoption of cloud. And users access corporate data via multiple devices from multiple locations.

All of these factors break the traditional “security perimeter”.

  1. The problem of VPNs

Traditional technologies force users to log into VPN clients every time they want to access a corporate application.

  1. Complexity with appliances

Deploying, managing and upgrading appliances is complex and time consuming. And with users, devices and apps all being dynamic, appliances are unable to scale.

Teams need a service that can enable & accelerate cloud adoption, plus deliver zero-trust security across all apps, users and devices – seamlessly… regardless of location.

Let’s look at the definition of Zscaler Private Access (ZPA) again

“Zscaler Private Access (ZPA) provides seamless, zero trust access to internal corporate applications, whether they’re located within your data centre… or in the cloud.”

“Via a software-defined perimeter, ZPA enforces authentication prior to access, making apps invisible to the internet.”

ZPA ensures only authorised users have access to specific private applications by creating secure segments of one between individual devices and apps.

Zero Trust Network Access (ZTNA)

ZPA provides Zero Trust Network Access (ZTNA) with a seamless, cloud-like user experience.

With ZPA, applications are never exposed to the internet, making them completely invisible to unauthorised users. ZPA enables applications to connect to users via inside-out connectivity versus extending the network to them. Users are never placed on the network.

Zero Trust Security Model

Top use cases for ZPA

Whether digitally transforming or simply replacing incumbent technology, ZPA is being widely adopted for a variety of common enterprise initiatives.

Secure Cloud Access
ZPA provides secure connectivity to private apps running across any hybrid or multi-cloud environment.

IT Integration during Merger & Acquisition (M&A)
ZPA provides secure access without the need to converge networks and IP addresses, accelerating IT integration during M&A.

Secure third-party access
ZPA creates a secure segment between a third-party user and a specific app.

VPN alternative
The ZPA cloud service seamlessly connects remote users to internal apps without VPN or placing users on the internal network.

Is Zscaler Private Access (ZPA) right for me?

To understand if ZPA would be a good fit for your organisation, it is useful to ask yourself the following:

  • How do you currently provide secure access to internal apps for your users?
  • Do you have internal apps running in the cloud and/or your data centre?
  • Are your users happy with their current user experience?
  • Are there any business initiatives you are tasked with that a new app access service could help with, e.g. replacing VPN, cloud migration, third-party access?

ZPA benefits

User Experience: Fast, direct access to apps, without a VPN.

Security: Users are never placed on-net, plus app segmentation for granular security.

Value: No hardware appliances (plus reduced bandwidth usage)

Simplicity: 100% software and cloud based, consistent across all apps & devices.

Learn more about Zscaler Private Access

With Zscaler Pricate Access (ZPA), users no longer have to think about which app they are accessing. It just works. Accessing apps across in both the data centre and public cloud (Azure, AWS and GCP) is simply fast, less complex and secure.

Related articles:

About Comtact Ltd.

Comtact Ltd. is a government-approved Cyber Security and IT Managed Service Provider, supporting clients 24/7 from our ISO27001-accredited UK Security Operations Centre (SOC).

Located at the heart of a high security, controlled-access Tier 3 data centre, Comtact’s state-of-the-art UK Cyber Defence Centre (SOC) targets, hunts & disrupts hacker behaviour, as part of a multi-layered security defence, to help secure some of the UK’s leading organisations.