Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2156
  • Last Modified:

Zscaler

Hi;
I am new to world of cloud security.. can someone please shine some light on how security is rendered to enterprise w/ zscaler?

Thanks;
0
totaram
Asked:
totaram
  • 6
  • 6
3 Solutions
 
jawafaCommented:
zscaler works as a proxy. This means that your computer sends all Internet traffic to/from the Zscaler systems. So, when you type a url in your browser (ex: www.google.com) That request is sent from your computer to the Zscaler systems. They then connect to the servers, send the request, and receive the response. The Zscaler systems then inspect the response to ensure it is safe and meets corporate policies before sending it to your computer.

Zscaler does this on an enterprise level by acting as a proxy for all computers in the environment. This can include gateway devices like a firewall, router, etc as well.
0
 
totaramAuthor Commented:
Thanks Jawafa;
What I do not understand is role of GRE tunnels, can you please explain that piece?
0
 
jawafaCommented:
GRE stands for Generic Tunnel Encapsulation. In short an encapsulation protocol takes existing network packets, encapsulates it into another network packet and then sends it to a new destination. This new destination receives the encapsulated packet, unpackages it to the original packet, and then processes the original packet on.

In this case, GRE takes the original network traffic and encapsulates it into another packet then sends this new packet to Zscaler Cloud. This is done at the firewall so that no reconfiguration of any single machine needs to be done. Once this encapsulated packet is received Zscaler unencapsulates the packet and then processes the original packet through their Zscaler Cloud systems. Once the response is received from the Internet then Zscaler Cloud will then encapsulate the traffic using GRE and then send it back to your firewall which will unencapsulate the traffic and process the response appropriately.

The plus of using a GRE tunnel is that all traffic from the enterprise environment will be directed to the Zscaler Cloud service. The downside is that anyone outside the corporate environment, think mobile users, will not be using Zscaler.
0
Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

 
totaramAuthor Commented:
If mobile/smartphone users do not go through GRE tunnel, does it mean that the mobile security is less stringent than the enterprise zscaler security?
0
 
jawafaCommented:
The only network connections that are going to go through a GRE Tunnel are those that are connected to the corporate network. So, if a mobile device, phone or tablet, is using the corporate network, via wireless for example, then it will us the GRE Tunnel and be secured. However, it the mobile device uses a cellular connection (ex: 3G, 4G, etc) then it will not go through the GRE Tunnel to Zscaler.

This means that any mobile device that is not using the corporate network for communication to the internet will not benefit from Zscaler services.
0
 
totaramAuthor Commented:
Ok.. so for GRE tunnels we need to use the enterprise resources.. but can laptops, iPhones and other smartphones be configured to use Zscaler as a proxy, if we do not connect it using as VPN?
0
 
jawafaCommented:
I know Zscaler offers the service, but I do not about your relationship with them. That would be a question for Zscaler.
0
 
totaramAuthor Commented:
Thanks Jwata; now that we are @ this topic, can you please let me know what is bluecoat filter... I see it quite a bit in ref to zscaler...
0
 
jawafaCommented:
Bluecoat is an appliance based proxy that one can install into their network. This appliance then proxies all appropriate network traffic (ex: http, ftp, http/s, etc) to filter and scan the traffic. These appliances traditionally use a rule set of good and/or bad urls to block or allow traffic. Since the dynamic nature of the Internet enables malicious individuals to change their location rapidly these static filters are not able to keep up.

Bluecoat has an Internet based filter system that is designed to try and keep pace with these rapidly moving malicious individuals. This filter systems gathers information from a number of sources and continually updates the rulesets on ones local appliance.

My guess is that Zscaler references Bluecoats capabilities here because of Bluecoat is one of the recognized leaders in the proxy server space and has a large percentage of the market share.
0
 
totaramAuthor Commented:
I thought that description that is used above is for web browser proxy configuration using PAC files... is bluecoat filtering same as browser proxy confguration?
0
 
jawafaCommented:
At its most basic definition Bluecoat filter refers to the URL filtering rulesets that are active on the appliance.
0
 
totaramAuthor Commented:
Hi Jawafa;
Is there any authentication that users have to go thro' before using Zscaler features. My initial feeling tells me there should not be pne, but on second thought how does one Dept know that they have BW priority over other Dept???
0

Featured Post

NEW Veeam Backup for Microsoft Office 365 1.5

With Office 365, it’s your data and your responsibility to protect it. NEW Veeam Backup for Microsoft Office 365 eliminates the risk of losing access to your Office 365 data.

  • 6
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now