Ten Reasons Enterprises are Moving Security to the Cloud - Zscaler
ZSCALER EBOOK
Top 10 Reasons Enterprises are Moving Security to the Cloud A better approach to security
Albert Einstein defined insanity as “doing the same thing over and over again and expecting different results.” Perhaps throwing appliances at a network to make IT security headaches go away fits this definition.
Cloud computing is rapidly changing enterprise IT by reducing the cost and simplifying the deployment of applications such as customer relationship management (e.g., salesforce.com) and email (e.g., Gmail). Now, enterprise organizations are discovering those same economic and technology advantages can be achieved by migrating their IT security to the cloud. In fact, Gartner’s 2012 Magic Quadrant Report acknowledges that cloud-delivered gateways are growing at 35% annually, almost three times as fast as appliances. There are plenty of reasons why
Copyright © 2013 Zscaler • Zscaler®, and the Zscaler Logo are trademarks o f Zscaler, Inc. in the United States.
companies are transitioning their security strategies from appliance-based security to the cloud. One key reason that favors the Security Cloud approach is its superior architecture for handling threats. Enterprise security has traditionally been delivered either as; • A host based solution — In this model, endpoint agents are installed on the users’ PCs. The endpoint agent may provide antivirus and malware protection, firewall capabilities or IDS/IPS functionality. However there are two primary challenges facing this model; o In a global environment, with hundreds or thousands of machines distributed across multiple locations, it is simply not cost effective to manage and maintain these disparate machines with agents. o Endpoint agents are not generally available on mobile devices. This poses significant challenges, especially with the proliferation of mobile devices within the enterprise, coupled with the increasing popularity of social media.
What Companies are Saying about Zscaler
“
Immediately upon
deployment, Zscaler gave my team instant visibility into what computers where already infected and sending data out to command and control servers, and the information we needed to fix them. Zscaler
”
provided true visibility and security on day one.
– CHARLES JACKS PRINCIPAL ARCHITECT
o The agent itself needs constant updates to keep up with evolving new web threats, often meaning significant latency between the time a security event is discovered, when protection is made available, and cumbersome time taken to distribute and update and user machines
Copyright © 2013 Zscaler • Zscaler®, and the Zscaler Logo are trademarks of Zscaler, Inc. i n the United States.
2
ZSCALER EBOOK
• An appliance-based security model — This model also faces significant challenges in global enterprise organizations. In this model, a “box” is typically deployed at each office location. As the number of offices increase, more boxes need to be deployed and managed. The appliance management problem gets compounded at smaller branch offices which may not have IT resources on-site. Add telecommuters that work from home offices, and the appliance based model quickly becomes untenable. As such, enterprises frequently force users to VPN to headquarter locations to leverage on-premise security appliances. This leads to unnecessary traffic backhaul with increased bandwidth cost for the organization and added latency for users. Further, as users adopt mobile devices that go straight to the Internet, appliances that enforce security and policy compliance are often circumvented completely.
A Security Cloud is superior in several dimensions: A. It’s always up-to-date. Cloud based security eliminates the gap between threat
discovery and protection being available. Since the cloud sees traffic from a variety of sources, it has real-time and granular visibility of new security outbreaks. As new vulnerabilities are discovered, a single update to the cloud offers instant protection to all users seamlessly. If one user uncovers a new vulnerability, all others are instantly protected against it. B. The user gets the benefit of real-time cloud intelligence and collaborative sharing of
threat information.
Copyright © 2013 Zscaler • Zscaler®, and the Zscaler Logo are trademarks of Zscaler, Inc. i n the United States.
3
C. Inline inspection is performed in the Cloud for all traffic. In addition, a scalable
Security Cloud can perform SSL inspection without materially degrading the user experience. Today, an increasing volume of web based traffic leverages SSL, rendering security solutions blind if they aren’t SSL capable. D. The Security Cloud protects any device at any time. Mobile devices, typically
operating on their own 3G or 4G network, bypass appliances. Without inspection and policy enforcement, there is simply no comparison between appliances and the Security Cloud. E. Additionally, the Security Cloud is robust enough to act as an infrastructure capable
of supporting multiple services. It can integrate a comprehensive suite of services and apply consistent policies to each user regardless of device or location. By doing so, it eliminates the need for multiple point products. It’s global footprint in the cloud provides security against blended threats. Thus, the Security Cloud provides infrastructure as a service that allows the enterprise to implement the security that meets the need of the organization.
Copyright © 2013 Zscaler • Zscaler®, and the Zscaler Logo are trademarks of Zscaler, Inc. i n the United States.
4
ZSCALER EBOOK
Why Enterprises are Making the Switch to the Cloud Organizations today understand that protecting users with a consistent and enforceable policy requires much more than simple URL or web-filtering. Millions of users from thousands of companies have already switched their IT security from appliances to experience the benefits of the Security Cloud. Whether you are considering adding a user-focused security service to complement an existing web filtering solution, or are building your web security from scratch, the largest Security Cloud is the best path for you. Here’s why Zscaler makes the most sense for today’s world of enterprise security.
1
Move beyond point solutions to complete security. Point solutions , cannot effectively support disparate, multiple locations, branch offices, or telecommuters. Zscaler provides the best defense against today’s sophisticated threats including botnets, malicious websites, scripting attacks and much more. With appliances, HQ users.
2
Protect road warriors. Appliance-based solutions simply can’t keep up with today’s enterprise workforce. Employees are in airports, hotels, coffee shops and anyplace where a hot spot promises Internet connectivity. In an appliance world, you have to establish a secure connection with a VPN back to headquarters or to some regional hub
Copyright © 2013 Zscaler • Zscaler®, and the Zscaler Logo are trademarks of Zscaler, Inc. i n the United States.
5
where a security appliance is deployed. This deteriorates the user experience and creates
What Companies are Saying about Zscaler
“
Before, 800 locations
unnecessary back haul costs, encouraging some
were back-‐hauled through a
users to access the Internet directly, getting infected
couple of data centers. Securing
and then introducing malware to the corporate
that traffic with the cloud led to
network once connected. With Zscaler, no matter
millions of dollars in savings
where the worker is, the nearest data center is
annually for bandwidth.
accessed, policy is enforced and only then is the Internet accessed with full protection and low latency.
”
The user gets the same policy and the same protection whether sitting at headquarters, in a hotel in London or in a coffee shop in Chicago.
Protect mobile device users. Every enterprise is adopting smartphones and tablets. Users get great productivity benefits from these devices as they access corporate services like email or SaaS applications. These devices typically operate on a 3G or 4G network and go directly to the Internet, making them a challenge to secure. This traffic does not go through an appliance, and users are often compromised. With Zscaler, you get the same policy and the same protection whether your users are on a PC, a laptop, a smart phone or a tablet.
Copyright © 2013 Zscaler • Zscaler®, and the Zscaler Logo are trademarks of Zscaler, Inc. i n the United States.
6
ZSCALER EBOOK
4
Protect your distributed enterprise. Today’s companies do not operate out of a single facility. A typical company has multiple offices in many cities, in countries around the world. A security appliance requires you to either backhaul traffic to headquarters or to a regional hub facility. Either way, you wind up paying twice for bandwidth. One Zscaler customer is protecting thousands of users at offices all over the world and is saving $1.6 million per month by avoiding backhauling costs alone.
5
Avoid network latency and improve the user experience. Zscaler provides a rich and fast Internet experience for the user. Avoiding the need to backhaul traffic does more than save money; it improves network performance. Zscaler can do this because its fundamental innovation lies in its ability to create a giant global network that acts as a single virtual proxy, so that any user can go to any gateway at any time for policy-based secure Internet access. The typical appliance overhead is simply no match.
Simplification of IT. No hardware. No software. No clients. No complications. Appliance vendors can’t say that. By consolidating multiple point products and not having to worry about large-scale deployments in multiple locations, the Zscaler Security Cloud frees valuable IT resources to focus on strategic and architectural challenges, not patching and managing boxes.
Copyright © 2013 Zscaler • Zscaler®, and the Zscaler Logo are trademarks of Zscaler, Inc. i n the United States.
7
Get real-time reporting that’s interactive and consolidated. With Zscaler you are not limited to batch reporting. Whether you have 500 employees or 50,000, you can view transaction level logs for any employee at any location from any destination within seconds. And, that’s backed by a Zscaler SLA. Appliance vendors typically require you to buy and maintain reporting servers, and still rely on batch reporting – with no SLA.
Best Total Cost of Ownership (TCO). With Zscaler, there is no CapEx. You are not buying and deploying hardware. Deployment costs are minimal. Ongoing management costs are minimal.
What Companies are Saying about Zscaler
“
12,000 locations
There are no patches or upgrades to worry about. You
backhauled to corporate
enjoy lower bandwidth costs. You get better security
headquarters. Saved 70% on
and fewer infected devices, meaning less time re-
bandwidth costs by adopting
imaging your hardware assets.
cloud-‐delivered security.
Copyright © 2013 Zscaler • Zscaler®, and the Zscaler Logo are trademarks of Zscaler, Inc. i n the United States.
”
8
ZSCALER EBOOK
9
Integration and consolidation of point products. Today, your DMZ most likely has several point products: a web proxy; a zero-day security product; a DLP appliance and more. Each product requires integration with Active Directory for user and group policy settings. That carries a burden in terms of actual cost and IT overhead. With Zscaler, integrated functionality gives you better security, a consistent user interface and consolidated policy and reporting.
Benefit from the largest security cloud in the industry. According to Gartner, Zscaler already has the largest global footprint of data centers among all security vendors. With data centers in over 100 locations around the world, the Zscaler Security Cloud processes over 10 billion transaction per day. One of our larger customers protects over 1.6 million users in over 180 countries. Reliability and availability SLAs are clearly published. That means you get proven scalability and reliability, and your employees get the same policy-based protection on any device in any location.
Copyright © 2013 Zscaler • Zscaler®, and the Zscaler Logo are trademarks of Zscaler, Inc. i n the United States.
9
About Zscaler Zscaler is transforming enterprise security with the world’s largest Security Cloud built from the ground up to safely enable users doing business beyond the corporate network. See why global enterprises are using Zscaler today to simplify their IT operations, consolidate point security products, and securely enable their business for mobility, cloud and social media. For more information, visit www.zscaler.com
Copyright © 2013 Zscaler • Zscaler®, and the Zscaler Logo are trademarks of Zscaler, Inc. i n the United States.
10
Top 10 Reasons Enterprises are Moving Security to the Cloud A better approach to security
Albert Einstein defined insanity as “doing the same thing over and over again and expecting different results.” Perhaps throwing appliances at a network to make IT security headaches go away fits this definition.
Cloud computing is rapidly changing enterprise IT by reducing the cost and simplifying the deployment of applications such as customer relationship management (e.g., salesforce.com) and email (e.g., Gmail). Now, enterprise organizations are discovering those same economic and technology advantages can be achieved by migrating their IT security to the cloud. In fact, Gartner’s 2012 Magic Quadrant Report acknowledges that cloud-delivered gateways are growing at 35% annually, almost three times as fast as appliances. There are plenty of reasons why
Copyright © 2013 Zscaler • Zscaler®, and the Zscaler Logo are trademarks o f Zscaler, Inc. in the United States.
companies are transitioning their security strategies from appliance-based security to the cloud. One key reason that favors the Security Cloud approach is its superior architecture for handling threats. Enterprise security has traditionally been delivered either as; • A host based solution — In this model, endpoint agents are installed on the users’ PCs. The endpoint agent may provide antivirus and malware protection, firewall capabilities or IDS/IPS functionality. However there are two primary challenges facing this model; o In a global environment, with hundreds or thousands of machines distributed across multiple locations, it is simply not cost effective to manage and maintain these disparate machines with agents. o Endpoint agents are not generally available on mobile devices. This poses significant challenges, especially with the proliferation of mobile devices within the enterprise, coupled with the increasing popularity of social media.
What Companies are Saying about Zscaler
“
Immediately upon
deployment, Zscaler gave my team instant visibility into what computers where already infected and sending data out to command and control servers, and the information we needed to fix them. Zscaler
”
provided true visibility and security on day one.
– CHARLES JACKS PRINCIPAL ARCHITECT
o The agent itself needs constant updates to keep up with evolving new web threats, often meaning significant latency between the time a security event is discovered, when protection is made available, and cumbersome time taken to distribute and update and user machines
Copyright © 2013 Zscaler • Zscaler®, and the Zscaler Logo are trademarks of Zscaler, Inc. i n the United States.
2
ZSCALER EBOOK
• An appliance-based security model — This model also faces significant challenges in global enterprise organizations. In this model, a “box” is typically deployed at each office location. As the number of offices increase, more boxes need to be deployed and managed. The appliance management problem gets compounded at smaller branch offices which may not have IT resources on-site. Add telecommuters that work from home offices, and the appliance based model quickly becomes untenable. As such, enterprises frequently force users to VPN to headquarter locations to leverage on-premise security appliances. This leads to unnecessary traffic backhaul with increased bandwidth cost for the organization and added latency for users. Further, as users adopt mobile devices that go straight to the Internet, appliances that enforce security and policy compliance are often circumvented completely.
A Security Cloud is superior in several dimensions: A. It’s always up-to-date. Cloud based security eliminates the gap between threat
discovery and protection being available. Since the cloud sees traffic from a variety of sources, it has real-time and granular visibility of new security outbreaks. As new vulnerabilities are discovered, a single update to the cloud offers instant protection to all users seamlessly. If one user uncovers a new vulnerability, all others are instantly protected against it. B. The user gets the benefit of real-time cloud intelligence and collaborative sharing of
threat information.
Copyright © 2013 Zscaler • Zscaler®, and the Zscaler Logo are trademarks of Zscaler, Inc. i n the United States.
3
C. Inline inspection is performed in the Cloud for all traffic. In addition, a scalable
Security Cloud can perform SSL inspection without materially degrading the user experience. Today, an increasing volume of web based traffic leverages SSL, rendering security solutions blind if they aren’t SSL capable. D. The Security Cloud protects any device at any time. Mobile devices, typically
operating on their own 3G or 4G network, bypass appliances. Without inspection and policy enforcement, there is simply no comparison between appliances and the Security Cloud. E. Additionally, the Security Cloud is robust enough to act as an infrastructure capable
of supporting multiple services. It can integrate a comprehensive suite of services and apply consistent policies to each user regardless of device or location. By doing so, it eliminates the need for multiple point products. It’s global footprint in the cloud provides security against blended threats. Thus, the Security Cloud provides infrastructure as a service that allows the enterprise to implement the security that meets the need of the organization.
Copyright © 2013 Zscaler • Zscaler®, and the Zscaler Logo are trademarks of Zscaler, Inc. i n the United States.
4
ZSCALER EBOOK
Why Enterprises are Making the Switch to the Cloud Organizations today understand that protecting users with a consistent and enforceable policy requires much more than simple URL or web-filtering. Millions of users from thousands of companies have already switched their IT security from appliances to experience the benefits of the Security Cloud. Whether you are considering adding a user-focused security service to complement an existing web filtering solution, or are building your web security from scratch, the largest Security Cloud is the best path for you. Here’s why Zscaler makes the most sense for today’s world of enterprise security.
1
Move beyond point solutions to complete security. Point solutions , cannot effectively support disparate, multiple locations, branch offices, or telecommuters. Zscaler provides the best defense against today’s sophisticated threats including botnets, malicious websites, scripting attacks and much more. With appliances, HQ users.
2
Protect road warriors. Appliance-based solutions simply can’t keep up with today’s enterprise workforce. Employees are in airports, hotels, coffee shops and anyplace where a hot spot promises Internet connectivity. In an appliance world, you have to establish a secure connection with a VPN back to headquarters or to some regional hub
Copyright © 2013 Zscaler • Zscaler®, and the Zscaler Logo are trademarks of Zscaler, Inc. i n the United States.
5
where a security appliance is deployed. This deteriorates the user experience and creates
What Companies are Saying about Zscaler
“
Before, 800 locations
unnecessary back haul costs, encouraging some
were back-‐hauled through a
users to access the Internet directly, getting infected
couple of data centers. Securing
and then introducing malware to the corporate
that traffic with the cloud led to
network once connected. With Zscaler, no matter
millions of dollars in savings
where the worker is, the nearest data center is
annually for bandwidth.
accessed, policy is enforced and only then is the Internet accessed with full protection and low latency.
”
The user gets the same policy and the same protection whether sitting at headquarters, in a hotel in London or in a coffee shop in Chicago.
Protect mobile device users. Every enterprise is adopting smartphones and tablets. Users get great productivity benefits from these devices as they access corporate services like email or SaaS applications. These devices typically operate on a 3G or 4G network and go directly to the Internet, making them a challenge to secure. This traffic does not go through an appliance, and users are often compromised. With Zscaler, you get the same policy and the same protection whether your users are on a PC, a laptop, a smart phone or a tablet.
Copyright © 2013 Zscaler • Zscaler®, and the Zscaler Logo are trademarks of Zscaler, Inc. i n the United States.
6
ZSCALER EBOOK
4
Protect your distributed enterprise. Today’s companies do not operate out of a single facility. A typical company has multiple offices in many cities, in countries around the world. A security appliance requires you to either backhaul traffic to headquarters or to a regional hub facility. Either way, you wind up paying twice for bandwidth. One Zscaler customer is protecting thousands of users at offices all over the world and is saving $1.6 million per month by avoiding backhauling costs alone.
5
Avoid network latency and improve the user experience. Zscaler provides a rich and fast Internet experience for the user. Avoiding the need to backhaul traffic does more than save money; it improves network performance. Zscaler can do this because its fundamental innovation lies in its ability to create a giant global network that acts as a single virtual proxy, so that any user can go to any gateway at any time for policy-based secure Internet access. The typical appliance overhead is simply no match.
Simplification of IT. No hardware. No software. No clients. No complications. Appliance vendors can’t say that. By consolidating multiple point products and not having to worry about large-scale deployments in multiple locations, the Zscaler Security Cloud frees valuable IT resources to focus on strategic and architectural challenges, not patching and managing boxes.
Copyright © 2013 Zscaler • Zscaler®, and the Zscaler Logo are trademarks of Zscaler, Inc. i n the United States.
7
Get real-time reporting that’s interactive and consolidated. With Zscaler you are not limited to batch reporting. Whether you have 500 employees or 50,000, you can view transaction level logs for any employee at any location from any destination within seconds. And, that’s backed by a Zscaler SLA. Appliance vendors typically require you to buy and maintain reporting servers, and still rely on batch reporting – with no SLA.
Best Total Cost of Ownership (TCO). With Zscaler, there is no CapEx. You are not buying and deploying hardware. Deployment costs are minimal. Ongoing management costs are minimal.
What Companies are Saying about Zscaler
“
12,000 locations
There are no patches or upgrades to worry about. You
backhauled to corporate
enjoy lower bandwidth costs. You get better security
headquarters. Saved 70% on
and fewer infected devices, meaning less time re-
bandwidth costs by adopting
imaging your hardware assets.
cloud-‐delivered security.
Copyright © 2013 Zscaler • Zscaler®, and the Zscaler Logo are trademarks of Zscaler, Inc. i n the United States.
”
8
ZSCALER EBOOK
9
Integration and consolidation of point products. Today, your DMZ most likely has several point products: a web proxy; a zero-day security product; a DLP appliance and more. Each product requires integration with Active Directory for user and group policy settings. That carries a burden in terms of actual cost and IT overhead. With Zscaler, integrated functionality gives you better security, a consistent user interface and consolidated policy and reporting.
Benefit from the largest security cloud in the industry. According to Gartner, Zscaler already has the largest global footprint of data centers among all security vendors. With data centers in over 100 locations around the world, the Zscaler Security Cloud processes over 10 billion transaction per day. One of our larger customers protects over 1.6 million users in over 180 countries. Reliability and availability SLAs are clearly published. That means you get proven scalability and reliability, and your employees get the same policy-based protection on any device in any location.
Copyright © 2013 Zscaler • Zscaler®, and the Zscaler Logo are trademarks of Zscaler, Inc. i n the United States.
9
About Zscaler Zscaler is transforming enterprise security with the world’s largest Security Cloud built from the ground up to safely enable users doing business beyond the corporate network. See why global enterprises are using Zscaler today to simplify their IT operations, consolidate point security products, and securely enable their business for mobility, cloud and social media. For more information, visit www.zscaler.com
Copyright © 2013 Zscaler • Zscaler®, and the Zscaler Logo are trademarks of Zscaler, Inc. i n the United States.
10
