Book Image

Zscaler Cloud Security Essentials

By : Ravi Devarasetty

Book Image

Zscaler Cloud Security Essentials

By: Ravi Devarasetty

Overview of this book

Many organizations are moving away from on-premises solutions to simplify administration and reduce expensive hardware upgrades. This book uses real-world examples of deployments to help you explore Zscaler, an information security platform that offers cloud-based security for both web traffic and private enterprise applications. You'll start by understanding how Zscaler was born in the cloud, how it evolved into a mature product, and how it continues to do so with the addition of sophisticated features that are necessary to stay ahead in today's corporate environment. The book then covers Zscaler Internet Access and Zscaler Private Access architectures in detail, before moving on to show you how to map future security requirements to ZIA features and transition your business applications to ZPA. As you make progress, you'll get to grips with all the essential features needed to architect a customized security solution and support it. Finally, you'll find out how to troubleshoot the newly implemented ZIA and ZPA solutions and make them work efficiently for your enterprise. By the end of this Zscaler book, you'll have developed the skills to design, deploy, implement, and support a customized Zscaler security solution.

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the color images

Conventions used

Section 1: Zscaler for Modern Enterprise Internet Security

Section 1: Zscaler for Modern Enterprise Internet Security

Free Chapter

Chapter 1: Security for the Modern Enterprise with Zscaler

Chapter 1: Security for the Modern Enterprise with Zscaler

Fundamental definitions in security

Understanding the evolution of the modern enterprise and its workforce

Exploring the need for scalable, cloud-based security

Using Zscaler Internet Access for a safe and secure internet experience

Using Zscaler Private Access for secure application access

Chapter 2: Understanding the Modular Zscaler Architecture

Chapter 2: Understanding the Modular Zscaler Architecture

Introducing the Zscaler cloud architecture

Understanding the CA – where the core resides

Using Zscaler PSEs – where the policies are applied and enforced

Monitoring user and application activity using Nanolog clusters

Protecting enterprise users and infrastructure with Sandbox

Further reading

Chapter 3: Delving into ZIA Policy Features

Chapter 3: Delving into ZIA Policy Features

Technical requirements

Understanding the ZIA Web policy

Exploring the ZIA Mobile policy

Learning about the ZIA Firewall policy

Order of policy enforcement

Further reading

Chapter 4: Understanding Traffic Forwarding and User Authentication Options

Chapter 4: Understanding Traffic Forwarding and User Authentication Options

Technical requirements

Understanding traffic forwarding

Exploring ZCC internet traffic forwarding

Evaluating user authentication options

Further reading

Chapter 5: Architecting and Implementing Your ZIA Solution

Chapter 5: Architecting and Implementing Your ZIA Solution

Analyzing the security posture of the enterprise

Creating a customized ZIA solution for the enterprise

Implementing the ZIA solution across the enterprise

Further reading

Chapter 6: Troubleshooting and Optimizing Your ZIA Solution

Chapter 6: Troubleshooting and Optimizing Your ZIA Solution

Technical requirements

Setting up proactive ticketing and alerts

Producing reports for management review

Generating custom widgets for the ZIA Dashboard

Creating a unified ZIA troubleshooting guide

Further reading

Section 2: Zero-Trust Network Access (ZTNA) for the Modern Enterprise

Section 2: Zero-Trust Network Access (ZTNA) for the Modern Enterprise

Chapter 7: Introducing ZTNA with Zscaler Private Access (ZPA)

Chapter 7: Introducing ZTNA with Zscaler Private Access (ZPA)

What is ZTNA and how does ZPA fit in to this?

Delving into the ZPA architecture

Exploring clientless ZPA solutions

Further reading

Chapter 8: Exploring the ZPA Admin Portal and Basic Configuration

Chapter 8: Exploring the ZPA Admin Portal and Basic Configuration

Navigating around the ZPA Admin Portal

Configuring the ZPA log servers for activity insights

Integrating with Azure AD and Okta for SSO

Configuring the ZCC app for ZPA

Further reading

Chapter 9: Using ZPA to Provide Secure Application Access

Chapter 9: Using ZPA to Provide Secure Application Access

Deploying App Connectors

Configuring ZPA applications

Exploring the best practices for enterprise deployments

Further reading

Chapter 10: Architecting and Troubleshooting Your ZPA Solution

Chapter 10: Architecting and Troubleshooting Your ZPA Solution

Architecting your ZPA solution

Troubleshooting your ZPA solution

Further reading

Assessments

Chapter 1 – Security for the Modern Enterprise with Zscaler

Chapter 2 – Understanding the Modular Zscaler Architecture

Chapter 3 – Delving into ZIA Policy Features

Chapter 4 – Understanding Traffic Forwarding and User Authentication Options

Chapter 5 – Architecting and Implementing Your ZIA Solution

Chapter 6 – Troubleshooting and Optimizing Your ZIA Solution

Chapter 7 – Introducing ZTNA with Zscaler Private Access (ZPA)

Chapter 8 – Exploring the ZPA Admin Portal and Basic Configuration

Chapter 9 – Using ZPA to Provide Secure Application Access

Chapter 10 – Architecting and Troubleshooting Your ZPA Solution

Other Books You May Enjoy

Other Books You May Enjoy

Packt is searching for authors like you

Leave a review - let other readers know what you think

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Chapter 1: Security for the Modern Enterprise with Zscaler

In the past few years, there has been a momentous shift in the way modern enterprises have evolved. They have moved from a traditional hub-and-spoke, data center type of network to a cloud-based or anywhere-access type of network. The core locations have become more decentralized because the employees are now based in various geographies and the applications are migrating to the cloud.

When we look at the infrastructure itself, enterprises invest in a variety of products such as routers, switches, and firewalls to implement various functions such as authentication and security. These products very quickly reach end-of-life from a capacity and a vendor-support perspective. This, in turn, causes the enterprises to upgrade in a 3- to 5-year cycle where they must do a lift and shift of the entire hardware in their data center. This moves the enterprise expenditure from an OPEX to a CAPEX model, which is not desirable from a business and planning perspective.

In this chapter, we will see how Zscaler steps in as a cloud-based security solution. The ZIA product provides secure internet access and the ZPA product brings the geographically spread-out end users and enterprise applications together. They both provide the following benefits:

There are no upgrade cycles for the enterprise as Zscaler takes care of that.
There is a shift from CAPEX to OPEX, which enterprises like because of predictability.
An amazing user experience as users can access applications using the best path.

In this chapter, we are going to cover the following main topics:

Fundamental definitions in security
Shift of the modern enterprise and its workforce
The need for scalable, cloud-based security
Zscaler Internet Access (ZIA) for a safe and secure internet experience
Zscaler Private Access (ZPA) for a zero-trust private application access

Let's get started!