YOUR FUTURE IN THE CLOUD
Kevin Peterson, CISSP Director | Security & Network Transformation
©2017 Zscaler, Inc. All rights reserved. 2
KEVIN PETERSON, CISSPDirector | Security & Network Transformation
29 Years in Security
5Years as a Silicon Valley Product Manager
8Years as a Fortune 15 Security Practitioner
3Years as a Silicon Valley Security Executive
2 IT Related Patents
1 IT Security Book
And more blog posts, webcasts, white papers, and social media posts than can be reliably counted.
47 Speaking Events in 2016 Alone
Plus multiple advisory board positions from Silicon Valley to higher education.
©2017 Zscaler, Inc. All rights reserved. 3
CLOUD
INTERNET / MOBILITY
CLIENT / SERVER
MAINFRAME
80s
90s
00s
10s
Megashifts create business opportunities and new leaders
Cloud and mobility are creating the biggest megashift
©2017 Zscaler, Inc. All rights reserved.4
30 Years of Networking and Security Complexity
UTM Firewall
Restricted Network
Non-Compliant users
Remediation Servers
Firewall
Web Scanners
NAC/NAPSecurity Policy
SIEM Servers
Threat Analysis
Security Management Network
Data Center
File Servers Mainframe
DatabaseExchange Servers
Domain Servers
Firewall DLP
Storage
Public Key Infrastructure
Keys
Certificate Authority
UTM Firewall
LDAP
Management Console
Wireless Access
DLP
UTM Firewall
Wi-Fi Network
IPS
Mobile User
UTM Firewall
Enterprise Users
DC/ DNS Exchange
DHCP
AV, Anti
Malware
Remote Access
UTM Firewall
Remote Access
Gateway
CORPORATE NETWORK
DLP
RouterRegional
Office
VPN
MobileDevice
Management
DNS Exchange
VPN
FtpWeb
Users
InternetRouter Outside
Firewall
Web Server
Email Server
WAF
Inside Firewall
SwitchSwitch IDS / IPOS
UTM Firewall
DLP
Analytics/ SIEM
Networking
Security
Compute
©2017 Zscaler, Inc. All rights reserved.4
UTM Firewal
l
Restricted Network
Non-Compliant
usersRemediation Servers
Firewall
Web Scanners
NAC/NAPSecurity Policy
SIEM Servers
Threat Analysis
Security Management Network
Data CenterFile
ServersMainframe
DatabaseExchange Servers
Domain Servers
Firewall
DLP
Storage
Public Key Infrastructure
Keys
Certificate Authority
UTM Firewal
l LDAP
Management Console
Wireless Access
DLPUTM
Firewall
Wi-Fi Network
IPS
MobileUser
UTM Firewal
l
Enterprise Users
DC/ DNS Exchange
DHCP
AV, Anti
Malware
Remote Access
UTM Firewal
l
Remote AccessGatewa
yCORPORATE NETWORK
DLP
RouterRegiona
l Office
VPN
MobileDevice
Management
DNS Exchange
VPN
FtpWeb
Users
InternetRouter Outsid
e Firewal
l
Web Serve
r
Email Serve
rWAF
Inside Firewal
l
SwitchSwitch IDS / IPOS
UTM Firewal
l
DLP
Analytics/ SIEM
NetworkingSecurity
Compute
Cloud and mobility are disrupting the security and networking industries
APPS
HQMOBILE BRANCHIOT
©2017 Zscaler, Inc. All rights reserved.4
Zscaler enables secure IT transformation to the cloud
Network Security is becoming irrelevant
Securely connecting the right user and device to the right app
and service over the Internet
APPS
HQMOBILE BRANCHIOT
©2017 Zscaler, Inc. All rights reserved. 5
CORPORATE NETWORK
Internet Gateway: Security perimeter to protect the corporate network
Circa 1987 – 1994– 1999 – 2000 – 2004
©2017 Zscaler, Inc. All rights reserved. 5
FW / IPS
Internet Gateway
URL Filter
Antivirus
DLP
SSL
Sandbox
Internet gatewaysSecure access to the
Internet
CORPORATE NETWORK
Internet Gateway: Security perimeter to protect the corporate network
Circa 1987 – 1994– 1999 – 2000 – 2004
©2017 Zscaler, Inc. All rights reserved. 5
FW / IPS
URL Filter
Antivirus
DLP
SSL
Sandbox
Global LB
DDoS
Ext. FW/IPS
RAS (VPN)
Internal FW
Internal LB
Internet gatewaysSecure access to the
InternetVPN gatewaysRemote access to DC apps
CORPORATE NETWORK
Internet & VPN Gateway
Internet Gateway: Security perimeter to protect the corporate network
Circa 1987 – 1994– 1999 – 2000 – 2004
©2017 Zscaler, Inc. All rights reserved. 6
HQEMEA
Branch
APJ
Branch
Branch
Branch
Branch Branch BranchBranch
Open Internet
Cloud and mobility break network security
Perimeter – N
etwork Security
©2017 Zscaler, Inc. All rights reserved. 6
HQEMEA
Branch
APJ
Branch
Branch
Branch
Branch Branch BranchBranch
Home, Coffee Shop Airport, Hotel
Open Internet
Cloud and mobility break network security
Perimeter – N
etwork Security
©2017 Zscaler, Inc. All rights reserved. 6
HQEMEA
Branch
APJ
Branch
Branch
Branch
Branch Branch BranchBranch
Home, Coffee Shop Airport, Hotel
SaaS Open Internet IaaS
Cloud and mobility break network security
Perimeter – N
etwork Security
“GE will run 70 percent of its workload in the cloud by 2020”
Jim Fowler, CIO
©2017 Zscaler, Inc. All rights reserved. 6
HQEMEA
Branch
APJ
Branch
Branch
Branch
Branch Branch BranchBranch
Home, Coffee Shop Airport, Hotel
SaaS Open Internet IaaS
Cloud and mobility break network security
Perimeter – N
etwork Security
“GE will run 70 percent of its workload in the cloud by 2020”
Jim Fowler, CIO
“Office 365 was built to be accessed via direct Internet connection”
©2017 Zscaler, Inc. All rights reserved. 6
HQEMEA
Branch
APJ
Branch
Branch
Branch
Branch Branch BranchBranch
Home, Coffee Shop Airport, Hotel
SaaS Open Internet IaaS
Cloud and mobility break network security
Perimeter – N
etwork Security
The Internet is Your New Corporate Network
“GE will run 70 percent of its workload in the cloud by 2020”
Jim Fowler, CIO
“The Internet will be our new corporate network by 2020”
Frederik Janssen, Head of Infrastructure
“Office 365 was built to be accessed via direct Internet connection”
©2017 Zscaler, Inc. All rights reserved. 6
HQEMEA
Branch
APJ
Branch
Branch
Branch
Branch Branch BranchBranch
Home, Coffee Shop Airport, Hotel
SaaS Open Internet IaaS
Cloud and mobility break network security
Perimeter – N
etwork Security
How do you secure a network (Internet) you don’t control?
©2017 Zscaler, Inc. All rights reserved. 7
Cloud and mobility break network security
HQEMEA
Branch
APJ
Branch
Branch
Branch
Branch Branch BranchBranch
Home, Coffee Shop Airport, Hotel
Perimeter – N
etwork Security
SaaS Open Internet IaaS
©2017 Zscaler, Inc. All rights reserved. 7
HQ EMEAAPJ
BranchBranch
Home, Coffee Shop Airport, Hotel
Zscaler enables secure network and application transformationSaaS Open Internet IaaS
©2017 Zscaler, Inc. All rights reserved. 7
HQ EMEAAPJ
BranchBranch
Home, Coffee Shop Airport, Hotel
Zscaler enables secure network and application transformation
OLD SECURITY MODEL
Hub-and-Spoke MPLS / VPN
OLD NETWORK MODEL
Secure the Corporate Network
SaaS Open Internet IaaS
©2017 Zscaler, Inc. All rights reserved. 7
HQ EMEAAPJ
BranchBranch
Home, Coffee Shop Airport, Hotel
Zscaler enables secure network and application transformation
NEW SECURITY MODEL Secure the Network
Securely connect users to apps
Direct to Internet Broadband / Wi-Fi / LTE / 5G
NEW NETWORK MODEL
OLD SECURITY MODEL
Hub-and-Spoke MPLS / VPN
OLD NETWORK MODEL
Secure the Corporate Network
SaaS Open Internet IaaS
©2017 Zscaler, Inc. All rights reserved. 8
Zscaler enables secure IT transformation to the cloud
Internet and VPN Gateway
Ext. FW / IPS
URL Filtering
Antivirus
DLP
SSL
Sandbox
Global LB
DDoS
Ext FW/IPS
RAS (VPN)
Internal FW
Internal LB
SaaSOpen Internet
External
APPS
Data CenterIaaSInternal
Fast and secure policy-based access to apps and services over the Internet
Any device, any location, on-net or off-net
HQMOBILEBRANCHIOT
©2017 Zscaler, Inc. All rights reserved. 8
Zscaler enables secure IT transformation to the cloud
Ext. FW / IPS
URL Filtering
Antivirus
DLP
SSL
Sandbox
Global LB
DDoS
Ext FW/IPS
RAS (VPN)
Internal FW
Internal LB
SaaSOpen Internet
External
APPS
Data CenterIaaSInternal
Fast and secure policy-based access to apps and services over the Internet
Any device, any location, on-net or off-net
HQMOBILEBRANCHIOT
©2017 Zscaler, Inc. All rights reserved. 8
Zscaler enables secure IT transformation to the cloud
Ext. FW / IPS
URL Filtering
Antivirus
DLP
SSL
Sandbox
Global LB
DDoS
Ext FW/IPS
RAS (VPN)
Internal FW
Internal LB
SaaSOpen Internet
External
APPS
Data CenterIaaSInternal
Fast and secure policy-based access to apps and services over the Internet
Any device, any location, on-net or off-net
External (open Internet or SaaS)Nothing bad comes in,
nothing good leaks out
Zscaler Internet Access
HQMOBILEBRANCHIOT
©2017 Zscaler, Inc. All rights reserved. 8
Zscaler enables secure IT transformation to the cloud
Ext. FW / IPS
URL Filtering
Antivirus
DLP
SSL
Sandbox
Global LB
DDoS
Ext FW/IPS
RAS (VPN)
Internal FW
Internal LB
SaaSOpen Internet
External
APPS
Data CenterIaaSInternal
Internal (cloud or data center) Connect a user to an authorized private app (not network)
Fast and secure policy-based access to apps and services over the Internet
Any device, any location, on-net or off-net
External (open Internet or SaaS)Nothing bad comes in,
nothing good leaks out
Zscaler Internet Access
Zscaler Private Access
HQMOBILEBRANCHIOT
©2017 Zscaler, Inc. All rights reserved. 9
Zscaler enables secure IT transformation to the cloud
©2017 Zscaler, Inc. All rights reserved. 9
Zscaler enables secure IT transformation to the cloud
©2017 Zscaler, Inc. All rights reserved. 9
SaaS Open Internet IaaS
Zscaler enables secure IT transformation to the cloud
APP TRANSFORMATIONDATA CENTER CLOUD (SAAS/IAAS)
©2017 Zscaler, Inc. All rights reserved. 9
SaaS Open Internet
HQMOBILEBRANCHIOT
IaaS
Zscaler enables secure IT transformation to the cloud
APP TRANSFORMATIONDATA CENTER CLOUD (SAAS/IAAS)
NETWORK TRANSFORMATIONHUB AND SPOKE DIRECT-TO-CLOUD
©2017 Zscaler, Inc. All rights reserved. 9
FW / IPS
URL Filter
Antivirus
DLP
SSL
Sandbox
Global LB
DDoS
Ext. FW/IPS
RAS (VPN)
Internal FW
Internal LB
Internet & VPN Gateway
SaaS Open Internet
HQMOBILEBRANCHIOT
IaaS
Zscaler enables secure IT transformation to the cloud
Better User Experience Reduced Business Risk Business Agility Lower TCO Competitive Advantage
APP TRANSFORMATIONDATA CENTER CLOUD (SAAS/IAAS)
SECURITY TRANSFORMATIONUSER AND DATA SECURITYNETWORK SECURITY
NETWORK TRANSFORMATIONHUB AND SPOKE DIRECT-TO-CLOUD
©2017 Zscaler, Inc. All rights reserved. 10
Zscaler: The market leader in cloud security
Most Discerning Enterprise Customers
2,700 CUSTOMERS
Over 80 of the Fortune 500 54% International
Global Partners
100 Data centers
40B Daily requests
185 Countries served
Largest Cloud Security Platform in the World
Mature Global Cloud Operations
Experienced Team with Pioneers in Cloud Security
Unparalleled Cloud Scale
©2017 Zscaler, Inc. All rights reserved.11
New Leaders Are Born When Megashifts Take Place
©2017 Zscaler, Inc. All rights reserved.11
New Leaders Are Born When Megashifts Take Place
BEST OF BREED HARDWARE
CLIENT SERVERMAINFRAME
APPLICATIONS
NETWORK SECURITY APPLIANCES
©2017 Zscaler, Inc. All rights reserved.12
Technical Workshop Proof of Concept Executive Briefing in San Jose, CA
©2017 Zscaler, Inc. All rights reserved.12
Let Zscaler empower your next IT project
Corporate deployment of Office 365
SecuringSD-WAN transformation
VPN Replacement or Securing App Access in AWS or Azure
Enhancing Security or Replacing Traditional Proxies
Next StepsTechnical Workshop Proof of Concept Executive Briefing in San Jose, CA