Native AWS Workload Tagging integration provides segmentation granularity by Zscaler policy and multi-session VDI security; expanded cloud coverage simplifies and further expands zero trust security for cloud workloads
Cloud security leader Zscaler presents new innovations to simplify securing cloud workloads with its Zero Trust Exchange platform. These innovations eliminate lateral movement, reduce operational costs and complexity, and ensure consistent protection of data against threats. Zscaler now offers native integration with user-defined AWS tags to support granular zero trust VPC segmentation, inspection of all ports and protocols for cloud-based VDI and extension to GovCloud and regional public clouds.
Public cloud adoption is enabling digital transformation at scale. This has dramatically increased the number of cloud-based workloads hosting sensitive communications and data via SaaS applications or in multiple public clouds or data centres. Securing such mission-critical workloads is crucial for organisations to ensure success and protect sensitive data. However, this is also one of the biggest challenges. Other challenges include managing the extensive attack surface, increasing operational overhead and degrading performance. In addition, an IDG report shows that 35% of customers struggle with higher cloud management and security costs.
New developments in Zscaler Workload Communications remove operational complexity, improve security and extend cloud coverage:
- Segmentation of workloads with user-defined tags: On AWS, Zscaler uniquely enables the creation of custom security groups based on user-defined tags and native attributes. By supporting AWS' maximum tag limit, organisations can leverage their existing workload identities for VPC or network segmentation within the public cloud. In addition, they can eliminate the operational complexity associated with managing security policies based on IP addresses, FQDNs and CIDR blocks.
- Real-time resource detection: By enabling custom groups, Zscaler's native integration with AWS automatically discovers VPCs, subnets and EC2 resources, including their associated tags and attributes, in real time. Organisations can now effortlessly integrate security definitions based on cloud attributes, eliminating the need for manual configurations.
- Multi-session VDI security: Zscaler inspects all ports and protocols for multi-session, non-persistent VDI deployments in the public cloud. Organisations can now apply detailed threat and data protection policies per individual user session, maintaining a common security policy across all environments.
- Comprehensive cloud coverage: Workload Communications now supports Google Cloud Platform (GCP), Azure China Regions and AWS GovCloud with FedRAMP certification. With AWS, Azure and now extended cloud support, organisations can consistently and effectively secure their cloud workloads while retaining the flexibility of the public cloud.
"As customers accelerate the adoption of public cloud infrastructure, they need a simple and effective cloud security platform to protect their cloud workloads and applications. Old architectures built with virtual network and security appliances, or backhauling traffic to data centres, do not provide consistent cyber security and increase operational complexity and costs," said Dhawal Sharma, senior vice president and general manager at Zscaler. "These new innovations radically simplify the connectivity of cloud workloads and provide cyber security, including TLS inspection, data protection and segmentation at scale and speed. Customers can use the Zscaler Zero Trust Exchange platform to connect and protect workloads in the multi-cloud, hybrid and private cloud, government cloud and specialist availability regions such as China."