Zscaler book

Learn how Zscaler enables work-from-anywhere.

Download the eBook today

Zscaler book

Learn how Zscaler enables work-from-anywhere.

Download the eBook today

Ressourcen > Sicherheitsbegriffsglossar > Was ist Netzwerksicherheit?

What is network security?

What is network security?

Network security is the strategic combination of hardware and software designed to protect the sensitive data housed within the corporate data center. Network security has evolved over the years as more traffic was bound for the internet as opposed to staying on the local network. Today’s stack in a security gateway, which monitors traffic going to and from the internet, includes and complex array of firewalls, intrusion prevention systems, sandboxes, URL filters, antivirus technology, data loss prevention systems, DNS filters, and many more devices and tools designed to keep outside attacks from entering the network and reaching the data and intellectual property inside.

The way it was

The corporate network has often been described as the heartbeat of an organization. It was where most, if not all, of your company’s data was stored. It housed all of the work applications your employees needed to do their jobs. And it was protected by a firewall and other security applications in an attempt to keep unauthorized individuals from accessing your critical data. This was often referred to as the castle-and-moat model, where the castle sits in the middle with a moat surrounding it in an effort to keep out invaders.

The castle-and-moat model worked well enough when employees worked exclusively in the corporate headquarters, and when the applications they needed were either installed directly on their computers or available from the data center.

Network and network security architectures were designed for an era that is waning, and they are unable to effectively serve the dynamic secure access requirements of digital business.

- Gartner, “The Future of Network Security Is in the Cloud,” August 2019

However, as companies began to grow and open remote offices, a new challenge arose − connecting these remote employees to the data center in the corporate headquarters. Of course, organizations quickly realized that re-creating their security stack at each of their remote offices was too expensive and impractical. And, this option wouldn’t help employees who worked outside one of your offices. This gave rise to virtual private network (VPN) solutions, which allowed these remote employees to access the corporate network. However, VPNs did not provide employees with the quality experience they had in the office. It was often difficult to connect or the connection would often drop. It proved to be a frustrating experience. In addition, VPNs gave users access to the entire network, opening up your organization to increased threats from hackers and other unauthorized individuals.

The birth of the cloud and the rise of cloud-based applications, as well as the explosion of mobility and mobile employees, added another level of complexity to network security. With employees moving farther away from headquarters and applications no longer residing in the data center, the network was no longer the center of an organization’s universe. Yet, the security applications were still in the data center. So, how were organizations going to protect users heading to the internet? The common practice was to backhaul internet-bound traffic through the security of the data center. However, this practice came with its own problems. Mostly, it caused latency in application performance and a poor user experience. In addition, these cloud-based applications caused a huge uplift in bandwidth consumption, causing more stress on the network.

The evolution from network security to cloud security

The legacy network was slowly eroding and traditional network security was becoming ineffective. The network perimeter was gone. Organizations needed a modern security platform to address the challenges of the cloud and mobility. The best answer is a cloud-based solution that decouples security from the network and uses policies that are enforced anywhere apps reside and everywhere users connect.

The legacy “data center as the center of the universe” network and network security architecture is obsolete and has become an inhibitor to the needs of digital business.

- Gartner, “The Future of Network Security Is in the Cloud,” August 2019

Netzwerksicherheit neu gedacht

Mehr erfahren

Übersicht: Cloud-Sicherheit

Watch the video

Zscale Enables Network and Application Transformation for MAN Energy Solutions

Read the case study

By moving security off the network and into the cloud, you put the full stack of network security engines everywhere your users go. Because security protections are applied consistently, you have the exact same protections in a branch office, at home, or in an airport as you have in the corporate headquarters.

Compared to traditional network security, a cloud-based security solution provides:


  • Schnellere Nutzererfahrung – Benutzer erhalten den kürzesten Pfad zu Anwendungen oder dem Ziel im Internet.
  • Better security − Security teams can inspect all internet traffic, including SSL, and correlate threat data in real time.
  • Reduced costs − Organizations no longer have to buy and maintain multiple network security appliances.
  • Einfachheit – Eine als Service bereitgestellte Lösung reduziert die Komplexität der Verwaltung mehrerer Geräte.

When organizations transition from traditional network security to cloud security, they get fast and secure policy-based access to internally and externally managed applications. Basically, cloud security provides the complete gateway stack—inbound and outbound—delivered as a cloud service.

Interne Applikationen

A cloud-based solution securely connects authorized users to internally managed applications. Users are never on the corporate network, which minimizes the attack surface. Apps are invisible and never exposed to the internet. This means they cannot be discovered or exploited by cybercriminals. In addition, organizations can segment apps without network segmentation, meaning lateral movement throughout the network is impossible. It also allows organizations to easily move internal apps to Azure or AWS, where these private apps are accessible with a cloud-like user experience.

External apps

A cloud-based solution securely connects users to externally managed SaaS applications and internet destinations. It should provide full inline content inspection on all ports and protocols, as well as provide native SSL scanning. It should feature integrated security techniques as well as a dynamically computed risk score. Using cloud intelligence, once a threat is identified, it can be blocked for all customers.

See the difference for yourself

Are you still relying on legacy network security? Could your company be safer with cloud security? Take this security preview test to find out how well your company is protected against ransomware and other threats. The test is safe, free, and informative.

Additional resources: