Search form

SOLUTIONSSD-WAN

SD-WAN makes local breakouts easy.
Zscaler makes them secure.

Zscaler and SD-WAN: Securely enabling the Internet-only branch

LEARN MORE

Are you deploying cloud applications and services, like Office 365?

If so, the traditional approaches to routing and securing Internet traffic are no longer relevant.

To deliver a fast user experience and properly support cloud apps, Internet traffic must be routed locally. Software-Defined Wide Area Networking (SD-WAN) makes it easy to establish local Internet breakouts. But, the traditional approach to secure branch locations creates challenges.

Challenges with Traditional Hub-and-Spoke

  • Backhauling over MPLS is expensive
  • Introduces latency
  • Negatively impacts user experience

Challenges using UTM and NGFW Appliances

  • Dramatically raises deployment costs
  • Creates unmanageable appliance sprawl
  • Compromises branch security
  • Significantly impacts performance as you activate services or try to inspect SSL traffic


Traditional Hub-and-Spoke

The traditional hub-and-spoke architecture is costly, creates poor user experience, and results in appliance sprawl.

90’s Architecture creates
expensive backhauling and
breaks user experience



UTM/Firewall Appliance Sprawl

Problem with using UTM and NGFW appliances is that it is expensive to purchase, deploy, and manage. It also compromises branch security.

Compromises security and is
expensive to purchase,
deploy and manage


Zscaler and Viptela demonstrated their leadership and ability to deliver the enterprise SD-WAN and cloud-based security we were after. This has fundamentally transformed our cost structure and enabled us to confidently realize the benefits of operational efficiency and scalability around the globe.
Pascal Heger, Global Network Architect at Agilent

With the Zscaler Cloud Security Platform and SD-WAN, Agilent established secure local Internet breakouts for 120 remote sites. The company had been backhauling traffic to six regional data centers with stacks of security appliances, but with Zscaler, Agilent secured its sites at the edge — without deploying 240+ security appliances.

READ THE CUSTOMER STORY

SD-WAN optimizes branch traffic routing

SD-WAN uses software-defined policies to select the best path to route traffic to the Internet, cloud applications, and the data center.

But, these local breakouts need to be secured without complicating your network.

LEARN MORE

  • Makes it easy to establish local Internet breakouts
  • Simplifies how traffic is routed in the branch
  • Enables rapid deployment of new applications and services
  • Empowers organizations to manage policies across a large number of locations

Zscaler provides everything you need to secure your SD-WAN deployment

SD-WAN connects your branches to the Internet. Zscaler secures the Internet connection and delivers a fast user experience — without backhauling and without duplicating the security appliance stack at each location.

Because the Zscaler Cloud Security Platform delivers the entire security stack as a cloud service, there is no compromising on security. Zscaler inspects all Internet traffic – and provides access controls across all ports and protocols, including SSL. And with Zscaler, policies are not tied to a physical location; instead, they follow users to provide identical protection no matter where they connect.

LEARN MORE

Zscaler secures internet connection for SD-WAN, while delivering fast user experience without the need for backhauling.

Zscaler and SD-WAN

The perfect partnership to securely connect your branches directly to the Internet

Reduce costs and complexity and eliminating the need for traditional network and security appliances.

Reduce costs and complexity

Zscaler and SD-WAN enable the Internet-only branch without the cost and complexity of traditional network and security appliances

SD-WAN

  • Simplifies connecting branches to the Internet by using software-defined policies and eliminating complex routing policies associated with traditional appliances
  • Leverages multiple branch connection types (broadband, VPN over broadband, LTE, and MPLS) to allow fast and reliable connectivity between branch, data center, and the Internet

Zscaler

  • Secures local Internet breakouts by delivering the entire security stack as a cloud service, eliminating the need for branch firewalls and UTMs
  • Provides a fast user experience and reduces MPLS costs

Zscaler delivers security 100% from the cloud, simplying operations while routing traffic through software-defined policies.



Simplify operations

Zscaler and SD-WAN simplify branch operations by delivering security as a cloud service and using software-defined policies to route traffic

SD-WAN

  • Uses software policies that are defined in a single cloud management console to determine how traffic is routed

Zscaler

  • Eliminates the need to buy, deploy, and manage stacks of security appliances in branch locations
  • Enables security and access policies to be centrally defined in a single console, and any changes are immediately enforced across all locations
  • Security services can be turned on across all locations in minutes, with just a few clicks
  • Prioritizes business applications, like Office 365, over YouTube and streaming media

Equal security is applied to all users regardless of their location. Zscaler's security cloud is easily scaled and enables rapid deployment.



Security and scale

Zscaler provides identical protection for users wherever they connect

Zscaler

  • Purpose-built platform delivers a full set of security and access controls as a cloud-based service – no compromising on security
  • Performs full inline content inspection and access controls for all ports and protocols with full logging capabilities
  • Natively inspects SSL traffic
  • Cloud services scale elastically to enable rapid deployment of new features (bandwidth control or data loss prevention) without impacting performance or requiring appliance refreshes
  • Brings the entire security stack close to the user, ensuring identical protection for users from wherever they connect

Zscaler secures the best in SD-WAN

Together with our SD-WAN partners, Zscaler makes it easy to migrate from hub-and-spoke to an Internet-only brancharchitecture by enabling secure local Internet breakouts. Zscaler partners with the world’s leading SD-WAN providersto help our customers reduce the cost and complexity of routing traffic locally and securely, simplify branchoperations, and scale to meet their unique business needs.

Learn more about our solutions with SD-WAN partners

Zscaler has partnered with leading SD-WAN provider, Viptela, to help customers reduce cost, simply operations, and scale.

Zscaler has partnered with leading SD-WAN provider, Riverbed, to help customers reduce cost, simply operations, and scale.

Zscaler has partnered with leading SD-WAN provider, Nuage Networks, to help customers reduce cost, simply operations, and scale.

Zscaler Cloud Security Platform

Everything you need to secure your SD-WAN deployment

ACCESS CONTROL
CLOUD FIREWALL
URL FILTERING
BANDWIDTH CONTROL
DNS FILTERING
THREAT PREVENTION
ADVANCED PROTECTION
CLOUD SANDBOX
ANTI-VIRUS
DNS SECURITY
DATA PROTECTION
DATA LOSS PREVENTION
CLOUD APPS (CASB)
FILE TYPE CONTROLS

POWERED BY PATENTED TECHNOLOGIES

SSMATM

All security engines fire with
each content scan – only
microsecond delay

ByteScanTM

Each outbound/inbound
byte scanned, native SSL
scanning

PageRiskTM

Risk of each object
computed inline,
dynamically

NanologTM

50:1 compression,
real-time global log
consolidation

PolicyNowTM

Polices follow the user
for same on-premise, off-premise protection

Learn more about Zscaler and SD-WAN

Zscaler and SD-WAN

READ THE SOLUTION BRIEF 

Zscaler and SD-WAN

LEARN ABOUT OUR PARTNERS 

Cloud Security for SD-WAN

WATCH THE WEBCAST 

Make Zscaler part of your
SD-WAN deployment plan

 REQUEST DEMO 

Zscaler offers demos for organizations that are interested in SD-WAN deployment.