taginlineimport On November 15, I was invited with a group of journalist to a press tour in the Silicon Valley (a sequel to our June 2010 press tour in the Valley). Our first presentation took place in Sunnyvale, Calif. at the main office of Zscaler, a ground-breaking cloud security provider.
- largest standalone cloud security company protecting 800 companies in 140 countries, millions of users
- manage a cloud deployed across 40+ data centres globally
- r&d over 3 continents and own 30 patents on cloud security technologies
- with offices in 15 countries, US, Europe and APA
- positioned as the "most visionary" company by Gartner
- growing revenue by 50%
- clients include LVMH, Allianz, VW, Coca Cola, Wipro etc.
- "anyone who uses the Internet is a potential client of ours"
- in France, there are already many clients (see slide)taginlineimportalready, and Orange Business Services is a partner of Zscaler's (some of the French clients quoted on that slide were closed with Orange Business Services)
market overview: examples of how security is evolving on the Internet
- Web (http protocol) has become main attack vector
- over 80% of threats coming from the Web from 5% in 2000
- It's no longer USB disks or floppy disks
- 85% of all traffic coming in and out of all companies (all types, small or large) is Web-based, this is why threats are coming from there too
Challenges facing the world in terms of Internet security
- all content is active, live with Flash and Java, and this is what is making security threats more challenging
- filtering: most companies want to control where employees are going. But the old list-based url is not working anymore. Facebook, wikipedia have evolving urls and it's changing all the time. Besides blocking Facebook is an issue if the same company is launching multi million dollar advertising campaigns on Facebook!
- Web 1.0 sites were read-only whereas Web 2.0 sites are now a cause for iinformation leaks: webmail, blogs, IM ...
- bandwidth is a real issue. Video is 20 times more exacting than text and companies are very concerned about the amount of bandwidth which is being used by video
- Road warriers are new challenge too: people go to salesforce.com and so many online applications that the Web has become so critical. So it is of paramount importance to protect the road warriers
- the last and one of the biggest challenge is cost and complexity: CEOs impose CIOs to do 20% more with a flat or even decreased budget
What Zscaler does and how they do it
- Zscaler sits between the user and the Internet anywhere in the world, whereever they are, and whatever device they use. User goes to the Zscaler cloud, and Zscaler is the trusted third party and is termiinating the transaction to the Internet.
- This is done with no hardware, no software, no plug-in, nothing!
- This is why very international companies choose Zscaler.
- How is it done?
- in the browser, one has proxy settings, and one has to change the proxy setting, it's all you have to do and it can be done remotely
- can be done at device or office level, from the firewall or router
- Zscaler's cloud is the most global cloud in the industry
- The "policies" are kept in the cloud and are moved around as companies and users are moving by moving the policies to the closest data centre. This is what is called "shadow policies"
- Latency is important, and this is why data centres have to be as close to users as possible
- In the past 6-7 years, companies have deployed MPLS networks: the biggest benefit is that bandwidth is divided by 2 and that latency is also improved. But network topologies are changing slowly because enterprises have spent a lot of time putting all their network topology together and they are naturally reluctant to throw everything away now. Hence it's best to let them be more comfident with the service before they change their network infrastructure and re-engineer it.
- for all French customers, Zscaler is managing tens of thousands of users with just two boxes, and this is a lot easier and more cost effective than managing the complexity of myriad CPE's (Customer Premises Equipment)
- Will it slow things down?
- Traditional security devices are firewall devices which weren't designed to scale
- Zscaler had to build new boxes which are very scalable
- Standard costs to open 1 data centre is $1m, whereas Zscaler is able to open one for a fraction of that, with 2 boxes and can serve half a million users for that price
- nanolog technology is a special technology which compresses logs and speeds up transactions, it has been developed by Zscaler (traditional logs for an average large company are going to generate 50-100GB of data every day. none of that information can be searched or used)
- If everything is centralised how do minimise threats?
- the goal of a cracker is to get to the user's machine an monetise information or turn it into a bot
- Zscaler is just a conduit, hence it's just a bridge, and there is not much value in accessing Zscaler's boxes
- Zscaler spends an awful lot of time and R&D to protect their servers and make the service safe
- 4 types of Services come on top of that infrastructure:
- Web security: Antivirus and Advanced threats browser contro, E-mail security
- Web control: url filtering, web 2.0, limiting bandwidth (i.e. ensuring that YouTube for instance will not take up more than 30% of the total bandwidth)
- Web DLP (data leaks/loss prevention)
- Web analytics
- save money and time, best security and policy management, real time reporting, easy to deploy data loss protection mechanism, near-zero latency (high performance proxy and breadth of cloud), integrated email & web
- What Zscaler isn't: Zscaler isn't playing in the Wan optimisation space
I specialize in information systems, HighTech marketing and Web marketing. I am author and contributor to numerous books and the CEO of Visionary Marketing. As such, I contribute regularly on this blog for Orange Business Services account on cloud computing and cloud storage topics.