ZScaler recently announced the industry’s first Zero Trust Segmentation solution to provide a more secure, agile and cost-effective means to connect users, devices, and workloads across and within globally distributed branches, factories, campuses, data centres, and public Clouds.
While traditional networks, which include SD-WAN and site-to-site VPN, have extended enterprise connectivity to branches and clouds, they have also inadvertently accelerated the spread of ransomware. Although firewalls are used to do segmentation on networks, they add complexity, increase costs, and fail to provide adequate security.
Zero Trust Segmentation for branch and Cloud is a solution that prevents ransomware attacks, turns branches into simplified café-like environments and in the process eliminates the need for firewalls, network access control (NAC), SD-WAN and site-to-site VPNs.
Using a Zero Trust architecture, organisations are no longer required to extend the corporate network from the data centre to distributed locations and public Clouds. Each branch, factory and public Cloud becomes a virtual island that communicates directly with the Zscaler Cloud security platform over any broadband connection.
The Zscaler Zero Trust Exchange platform then applies business policies to securely connect users, workloads and devices. As a result, Zscaler is minimising the attack surface associated with public IPs, prevents ransomware from spreading between locations, and eliminates firewalls, SD-WAN and the reliance on Direct Connect and ExpressRoute.
“Traditional network and security architectures enable the spread of ransomware,” commented Dhawal Sharma, EVP of Product Management at Zscaler. “Using firewalls to segment business networks is extremely complex, turning into a never-ending initiative for many organisations. Integrating advanced technology from the recent AirGap acquisition, Zscaler Zero Trust Segmentation now offers the most advanced, robust protection against ransomware attacks, which can be implemented in days. Additionally, it delivers up to 50% cost savings by eliminating the need for legacy firewalls and complex infrastructures.”
With the increasing prevalence of IoT devices and operational technology (OT) systems in today’s branch offices and factories, security leaders are urgently working to protect their environments from sophisticated attacks. A recent Zscaler ThreatLabz report revealed that over 50% of OT devices rely on legacy, end-of-life operating systems with known vulnerabilities, leaving them highly susceptible to attacks. Zscaler’s solution securely segments every device—including legacy OT— within hours, without north-south firewalls.
“As OT devices are becoming increasingly common in our environment, ensuring their security is a top priority,” added Brian Morris, Vice President, Chief Information Security Officer, Gray Television. “Zscaler Zero Trust Branch has been nothing short of transformative. It has not only helped us reduce network costs, but has significantly reduced cyber risk and helped accelerate M&A integration.”
Relying on firewalls to secure workload communications in hybrid and multi-Cloud environments increases business risk and complexity. Each Internet-facing firewall presents a discoverable attack surface and can lead to inconsistent cyber threat and data protection, as each public cloud service provider operates differently.
Zscaler Zero Trust Segmentation addresses this by standardising multi-Cloud workload security for internet-bound traffic, communication between clouds and data centres, between Virtual Private Clouds (VPCs), and between workloads and processes. This scalable approach eliminates the need for firewalls, site-to-site VPNs, Direct Connect, or ExpressRoute, simplifying and strengthening security across diverse Cloud environments.
“Cloud is a critical component of our infrastructure, and we depend on Zscaler’s Zero Trust architecture to secure our cloud workloads,” said Shanker Ramrakhiani, CISO at IIFL. “Zscaler’s Zero Trust Cloud has empowered us to enforce consistent security across our data centres and multiple Clouds, simplifying operations and significantly reducing the risk of lateral threat movement.”
There’s plenty of other editorial on our sister site, Electronic Specifier! Or you can always join in the conversation by commenting below or visiting our LinkedIn page.