Zscaler


Zscaler is a global cloud-based information security company that provides Internet security, web security, firewalls, sandboxing, SSL inspection, antivirus, vulnerability management and granular control of user activity in cloud computing, mobile and Internet of things environments. As of 2015, Zscaler provides automated threat forensics and dynamic malware protection against advanced cyber threats, such as advanced persistent threats and spear phishing. It provides a cloud-based approach to security as a service. Zscaler was listed on the NASDAQ on 16 March 2018.

History, Fund-raising, and Valuation

The company was founded in 2008 by Jay Chaudhry, a serial security entrepreneur who previously founded and later sold AirDefense, CipherTrust, CoreHarbor and SecureIT, and Kailash, the former chief architect of NetScaler. The company is unique among the private technology company "unicorns" in being significantly self-funded by the founder himself, is cash-flow neutral, and is on a very fast track of growth year over year. In 2012, Zscaler raised $5 million in venture capital from Lightspeed Venture Partners plus received a strategic investment from EMC Corporation as part of a $38 million expansion round. Zscaler has a reported company valuation of "well north of $1 billion." On August 3, 2015, Zscaler announced a $100 million pre-IPO fundraising led by TPG Capital Growth. On September 23, 2015, Zscaler announced that the $100 MM round had been oversubscribed and has been raised to $110 million including a $25 million investment from Google Capital.
In April 2020, Zscaler agreed to purchase cloud security posture management startup Cloudneeti.

Technology

Zscaler is a cloud-based information security platform delivered through more than 100 global data centers and more than 1,000 points of presence. To use Zscaler, Internet traffic from fixed locations such as branch offices or factories, roaming devices and mobile devices is routed through Zscaler points of presence before being forwarded onward, toward the public Internet. Zscaler serves as a cloud-based proxy and firewall, routing all traffic through its software to apply corporate and security policies. Zscaler is designed to address the challenge of managing security in a world where cloud computing, mobility and the Internet of things are eroding the network perimeter. Zscaler centralizes administration of users and policies on a single Web interface with a simple visualization. Zscaler provides reports of user activity and gathers global threat data to protect its customers.

Products

Zscaler Internet Access (ZIA)

Zscaler Internet Access is a secure Internet and web gateway delivered as a service from the cloud. For offices and static locations, a tunnel is configured to the closest Zscaler data centers. For mobile employees, forward traffic can be forwarded via the Zscaler App or PAC file. Regardless of the method, identical protection is applied. Zscaler Internet Access sits between a user and the Internet, inspecting all traffic inline across multiple security techniques, even within SSL. ZIA provides full protection from web and Internet threats. The ZIA cloud platform supports Cloud Sandboxing, Next-Generation Firewall, Data Loss Prevention, and Cloud Application Visibility and Control.

Traffic Forwarding Methods

Zscaler supports multiple traffic forwarding methods, amongst which are options such as IPSec VPN, GRE tunnels, PAC files or proxy-chaining and app-based connectivity via the Zscaler App . Zscaler provides web-security, next generation firewall capability, SSL decryption and inspection, data leakage protection, intrusion detection, and advanced threat protection. Zscaler bills itself as a cloud-based, carrier-grade, globally deployed unified threat management system.

Zscaler for Advanced Persistent Threats

Zscaler for APTs provides protection from zero-day attacks and advanced persistent threats by combining proactive protection against known threats, file-based behavioral analysis and sandboxing, botnet detection and blocking, data exfiltration detection and blocking, plus security analytics such as threat intelligence feeds. Zscaler for APTs consolidates the commoditized features of existing security appliances to protect, detect and remediate advanced security threats.

Zscaler Next Generation Firewall

Zscaler Next Generation Firewall is an application and user-aware firewall that provides visibility and control over network traffic. It is unique in being entirely cloud-based and does not require any on-premises hardware or software, making it suited for protecting branch offices, retail stores, factories, remote location, mobile devices and Internet of Things deployments. Zscaler Next Generation Firewall also includes traditional firewall capabilities such as control over network ports and protocols.

Zscaler Web Security

Zscaler Web Security is a secure web gateway, which also includes a web filter, that runs on top of the Zscaler Security as a Service platform. In the Spring of 2015, both Gartner Group and Forrester Research ranked Zscaler Web Security at the upper right of their Magic Quadrant and Wave reports, respectively.

Zscaler Cloud Application Security

In 2015, Zscaler introduced Cloud Application Security capabilities designed to provide security, access management, visibility and policy-based controls over SaaS and cloud computing applications. Gartner Group is promoting the acronym CASB to describe this category of functionality. Pure-play CASB vendors also plug into Zscaler's platform to provide additional capabilities such as shadow-IT application discovery.

Zscaler Security Preview

In 2014, Zscaler released a free HTML5-based network security testing tool called Zscaler Security Preview. Zscaler Security Preview runs a suite of automated tests that inspects an organization's network security posture from the perspective of the client device that is running the test. For example, it tests to see whether virus samples hosted on content delivery networks are blocked, it attempts to exfiltrate valid payment card and social security numbers, and it detects whether communications with servers in prohibited countries such as North Korea and Iran are blocked. The tool is useful to quickly understand whether current network security infrastructure is properly implemented and configured.

Zscaler Mobile Security

Zscaler Mobile Security extends its real-time analysis and protection to mobile devices in BYOD environments by routing mobile traffic through its global cloud. Zscaler Mobile Security provides visibility into mobile application traffic, protection from web-based threats and rogue applications and policy enforcement on mobile devices.

Zscaler Private Access (ZPA)

Zscaler Private Access, launched in 2016, is a service that enables organizations to provide access to internal applications and services while ensuring the security of their networks. It uses the global Zscaler cloud infrastructure to enable application access independent of network access. It also decouples applications from the physical network to deliver granular, per-user access to application software and services running in the internal corporate network, in a datacenter, or in a public cloud. The service is based on Zscaler's global cloud, so there is no requirement for additional hardware or forklift upgrades of existing hardware, enabling rapid and unobtrusive adoption to support business needs. This enables an enterprise to allow employees, customers and business partners to securely access internal applications without any need for code refactoring or implementing hardware.

Zscaler Shift

Zscaler Shift is a cloud-based service that provides carrier-grade security and compliance. The main difference between Shift and Zscaler Internet Access is that Shift can be configured rapidly by setting Domain Name Service to point toward Shift. From there, Shift intelligently routes all suspicious traffic to the Zscaler cloud security platform for full in-line content inspection. This offers multiple security features including content filtering, threat security, Safe Search, and SSL inspection. In addition, Zscaler's Advanced Threat Protection blocks malicious active content, such as browser exploits, vulnerable ActiveX controls, malicious JavaScript, and cross-site scripting.

Technology Partnerships

Zscaler integrates with single sign-on providers including Azure AD, RSA, Okta, OneLogin and Ping Identity to enable simplified cloud application security. Zscaler integrates with mobile device management vendors, including AirWatch and MobileIron to enhance MDM with mobile security. Zscaler integrates with security information and event management vendors, including HPE ArcSight, IBM QRadar and Splunk, enabling data analysis, digital security forensics and compliance with industry and government regulations.

Global Carrier Adoption

Close to 50% of Zscaler's business is touched by one of the global telephone companies. As of 2015, AT&T, Verizon, British Telecom, Orange Business Services and Swisscom are all actively reselling Zscaler as part of their networking and security services. In January 2015, Zscaler closed a nearly $10,000,000 transaction at a Global 100 manufacturing company with British Telecom. Carrier adoption of Zscaler within very large distributed enterprises is tightly tied to cloud-enabled networking, which is the elimination of traffic backhaul across Multiprotocol Label Switching networks, in which network traffic is broken out locally via commodity Internet connections to local Zscaler data centers instead of being backhauled to corporate data centers over MPLS, typically resulting in 80% to 95% reduction in MPLS traffic with commensurate reduction in wide-area networking costs.

SSL Traffic Considerations

The Zscaler service operates by having all of the Internet traffic from its clients sent through Zscaler's network of global data centers. In order to monitor or inspect secure HTTPS connections, Zscaler uses TLS interception to decrypt SSL traffic for users going through the Zscaler service. When a user attempts to open an HTTPS website, Zscaler mimics the website, as the user accesses the server. In response to a CONNECT request by the web browser, the server will send Zscaler a server certificate. Zscaler will then check the validity of the cert and then create a new cert signed by Zscaler. The new cert will be sent to the web browser, and assuming that the user has pre-installed a company root cert, the browser will check the validity of the cert and then accept and install the cert and then will continue to access the website. If a root cert has not been installed, then the user will receive an error stating that there is a problem with the website's security certification and user will have the option to continue or not.
Since Zscaler is able to decrypt traffic, they are able to scan the content for any malicious traffic that would have otherwise come in over an encrypted channel while applying policy based on the unencrypted traffic for the user. They can also detect and block outbound attempts to exfiltrate data, such as by botnets, even when connections are encrypted by SSL. While administrators may specify which URL categories or custom domains should not be decrypted in order to ensure user privacy, cautious end-users should assume that personal browsing activity, such as email or online banking, could potentially be intercepted. Zscaler also has the option of blocking access to specific URL categories or customer domains, regardless of whether SSL decryption is enabled or not.

IPv6 Adoption

Although Zscaler participated in World IPv6 day, they do not support IPv6 as of early 2020.