Layered approach to security
Traditional appliance-based network security strategies were designed to protect users in static company facilities accessing systems running in corporate data centers. Today, users are everywhere, not just on company-issued PCs in the office, but also working from home, at Starbucks, on airplanes, in hotels, at client sites and, increasingly, on mobile devices. The emergence of cloud applications—from consumer applications like YouTube and Facebook to private cloud applications and commercial cloud applications like Salesforce.com, Box.net, Office 365 and Workday—means that your company data is also everywhere—it’s no longer just in your corporate data center.
Together these two trends mean that the corporate perimeter has effectively disappeared. As a result, security appliances designed to protect your perimeter have lost visibility into your traffic—essentially rendering them useless.
Zscaler Web Security is a part of our massively scalable global Security as a Service platform that sits in-line between your company and the Internet, protecting your enterprise from cyber threats, stopping intellectual property leakage and ensuring compliance with corporate policies and statutory regulations. The Zscaler system scans all incoming and outgoing Internet traffic irrespective of device or location, thus ensuring comprehensive security and compliance for today’s ‘boundary-less’ enterprises. Zscaler Web Security protects you from a broad range of web security threats including malicious URL requests, viruses, advanced persistent threats, adware, spyware, botnets, cross-site scripting.
The Best Security
Zscaler’s integrated Security as a Service platform combines multiple layers of security—true defense in depth—into a single, seamless system. Our platform includes technologies such as MD5 signature blocking, anti-virus, intrusion detection, content inspection, machine learning, threat assessment, SSL decryption, cloud mining, risk profiling, sandboxing, advanced persistent threat (APT) protection and much more. We always scan every byte of Internet traffic, both inbound and outbound, and unlike appliances we are always in-line and we never fail-open under high loads.
We leverage real-time security feeds from more than 20 different third parties feeding into our system. We also utilize crowd-sourcing—whenever one of the security teams at our clients identifies a new threat—and remember some of the largest, most advanced companies in the world are our clients—we can instantly block those threats for all of our customers.
Our multi-tenant cloud infrastructure ensures that our threat intelligence is always up-to-date using information gained across from our network, which processes more than twelve billion transactions every day. Organizations can set policy to manage access to content and applications at the user, group and/ or location level.
URL filtering and anti-virus protection are basic and essential features, but are not sufficient to ensure security in today’s environment. With threats often hidden in otherwise ‘reputable’ sites (e.g. as a plug-in or embedded in user generated content) the concept of a ‘trusted site’ is no longer relevant. Zscaler always inspects the complete URL and the content of the entire web page including plug-ins and attachments, bi-directionally in real time, even in SSL encrypted tunnels, to calculate a risk score on the fly. The risk score then helps determine how deep to further investigate content—even running behavioral analysis in a sandbox environment to detect APTs. Equally importantly, Zscaler is not about simple alerting against threats—threats are blocked in real-time in the cloud before they reach your network or your user’s devices.
Zscaler is today processing traffic for more than 12 million users at more than 5,000 corporations and governments. Because we are a massive Security as a Service platform, whenever we identify a new threat in any part of our network, we can update our signatures in real time—and instantly all 12 million users on our network are protected.
This means that the bigger we get, the better the service works for all of our customers. This is especially exciting for zero-day threats and advanced persistent threats—the really bad stuff. This is a unique benefit of cloud-based security—think about how small the chances are that one of your users will be the first person out of 12 million on Zscaler’s platform to be exposed to a particular new threat. That’s why cloud computing is so powerful—and the bigger our network gets, the better—and faster protected you are.
Granular Policy Control
With Zscaler’s Unified Policy Console, you can define and manage consistent security policies across multiple devices, including mobile devices, from a single centralized console at the user, group and/or location level. Our patented ShadowPolicyTM ensures that your policy follows your users—no matter where they are in the world, their granular security policy is applied. Because of the multi-tenant nature of the Zscaler cloud, all policy updates are rolled out instantaneously across your organization’s entire user base.
Simplified IT Management
Zscaler not only frees IT from having to manage multiple security devices, but also provides easy access to in-depth reporting to conduct forensics or incident analysis in real time.