Improves remote user experience
No need to log in to a VPN client
Seamless, cloud-like experience
Direct access to apps
Solutions > VPN Retirement
We know remote access VPNs are a pain
So we developed a better alternative for you.
Read Solution BriefA brief lesson in remote access VPN history
Thirty years ago, the corporate network was relatively simple. Security consisted of protecting applications inside the network and building a secure perimeter around them.
But then things changed. Applications began moving to the cloud, extending the perimeter to the internet. Users began using the cloud to work off-network and from any device, anywhere—usually without a VPN. Remote access VPNs worked well in the network-centric world, but they fail to deliver the zero-trust security, visibility, and experience needed in the age of cloud and mobility. It’s time to replace the remote access VPN.
Why the software-defined perimeter is the ideal VPN alternative
Enterprises must rethink the way users access applications. To move to a modern approach, where access is based on specific users and specific applications, many have turned to the software-defined perimeter (SDP). Built for the modern enterprise, this model enables zero-trust security by exclusively connecting authorized users to specific internal applications, without placing users on the network. Take a look at what this VPN alternative is bringing to enterprise environments.
The perimeter has extended to the internet,
so it’s time to retire the network-centric VPN
Zscaler Private Access (ZPA) is a software-defined service that provides secure access to any internal application, without the need for a remote access VPN. ZPA requires no appliances, but instead uses the Zscaler security cloud to deliver a zero-trust framework. ZPA uses encrypted tunnels and policies to create a segment of one between an authorized user and a named application. The inside-out connectivity from Z-Connector to cloud makes all applications invisible to the internet and creates an isolated environment around each application.
1. Z-App
- Mobile client installed on devices
- Routes traffic to Zscaler cloud
- Supports major operating systems
2. Z-Broker
- Stitches together app and user connection
- Hosted within the Zscaler security cloud
- Contains policy engine
3. Z-Connector
- Front-ends the internal app
- Deploys in any cloud or data center
- Creates inside-out connection to Zscaler security cloud
The benefits of VPN replacement
Enables a zero-trust security strategy
Application access, not network access
Apps are made invisible to internet
Enables discovery of shadow IT applications and application of controls
Supports all application types (server-side, web apps, etc.)
Simplifies implementation and management
ZPA software can be deployed in minutes
No need to manage ACLs or FW policies
Integrates with IDP providers and LDAP/AD
Can run in parallel with existing VPN services
Reduces costs
Scales without the need for physical or virtual appliances
Requires no replication of security stacks across data centers
Per-user pricing (unlimited devices per users)
See how this e-commerce company replaced its remote access VPN
and now provides a better experience while improving security.
Suggested Resources
