What is your primary use case for Cloud Security Connector for Zscaler?

My main use case for Cloud Security Connector for Zscaler is to use it as a VPN. Instead of directly connecting to a separate VPN link, I connect to Cloud Security Connector for Zscaler, which acts as a VPN so that whenever I have a web app hosted in a firewall, I can access that particular web app via Cloud Security Connector for Zscaler only. I cannot access it using other networks. This setup has worked well for me because my company has a different environment called DNA. Whenever a web app or any other resources in Azure are hosted inside that DNA, I need to use or connect to Cloud Security Connector for Zscaler to access that particular resource. Cloud Security Connector for Zscaler acts as a VPN, so only users with a particular company ID can access that resource. No third party can access it. Even if I try to access the web app using my personal laptop or mobile phone, I cannot access it. I can only access those particular web apps and other resources like Key Vault inside Azure using Cloud Security Connector for Zscaler on my company's laptop only. I find Cloud Security Connector for Zscaler pretty useful for my main use case on a day-to-day basis because it really helps us as a security firewall. I do not want any other third-party companies or competitor companies to access my web app and see what I have developed. I need to keep it secure and do not want other companies to copy my web app or see the confidential information available in my web app. Cloud Security Connector for Zscaler is pretty useful while connecting.

Cloud Security Connector for Zscaler securely routes traffic from cloud workloads, such as applications running in AWS or Azure, through the Zscaler cloud for inspection and policy enforcement. In a traditional setup, Zscaler is primarily used for user traffic, but with Cloud Security Connector for Zscaler, the same security controls extend to server-side or workload traffic inside the cloud environment. For example, if application servers in an AWS VPC require internet access, instead of allowing direct outbound access, that traffic routes through Cloud Security Connector for Zscaler into Zscaler. This ensures that all traffic is inspected for threats, URL filtering policies are applied, and data protection controls are enforced. Another important use case is for east-west and server-to-internet communication, where visibility and control over workload behavior is desired, especially for compliance in industries such as banking or finance. Cloud Security Connector for Zscaler also helps maintain a consistent security posture across users and workloads since both are governed by Zscaler policies. Overall, Cloud Security Connector for Zscaler enables a zero-trust approach for cloud workloads by eliminating direct internet exposure and ensuring all traffic is inspected through Zscaler. A specific example from a banking client involved application servers hosted in AWS that required outbound internet access for updates and API communication. Initially, these servers had direct internet access through the NAT gateway, which created a visibility and security gap since the traffic was not being inspected or controlled centrally. To address this, Cloud Security Connector for Zscaler was implemented in the AWS environment. Routing was configured so that all outbound traffic from the application subnet was redirected through Cloud Security Connector for Zscaler into the Zscaler cloud. Once integrated, Zscaler policies such as URL filtering, SSL inspection, and threat protection were applied to the workload traffic. This ensured that even server-to-internet communication was fully inspected, similar to user traffic. As a result, centralized visibility and control were achieved, the risk of malicious outbound connections was reduced, and the environment was aligned with compliance requirements such as PCI DSS. Additionally, the architecture was simplified by removing the need for additional proxy or firewall appliances in the cloud. Apart from outbound workload protection, Cloud Security Connector for Zscaler adds value in controlling traffic in microservices architecture, where applications often communicate with external APIs or third-party services. Using Cloud Security Connector for Zscaler, this traffic is routed through Zscaler for inspection, which helps detect any malicious behavior or potential data exfiltration attempts. Another important use case is enforcing consistent security policies across both users and workloads. Instead of having separate security controls for endpoints and cloud servers, Cloud Security Connector for Zscaler allows unified policies to be applied through Zscaler, which improves visibility and simplifies management. Cloud Security Connector for Zscaler also plays a key role in compliance-driven environments, especially in banking and finance, where monitoring and logging all outbound traffic is mandatory for audit purposes. Overall, Cloud Security Connector for Zscaler extends zero-trust principles beyond users to cloud workloads, ensuring that no traffic is trusted by default and everything is verified and inspected.

In our current organization, we have been using Cloud Security Connector for Zscaler by Maiden Edge, Maidenhead Bridge for almost two and a half years. They are providing us specialized virtual appliances to simplify and secure connectivity between cloud environments. For our case, this involves AWS and Zscaler Internet Access, with a focus on zero trust and high availability, and it also helps with performance enhancement. Our main use case for Cloud Security Connector for Zscaler is that we have been using it as a pre-configured virtual machine that we deploy on our AWS system with minimal networking requirements. This connector helps us automate Zscaler node detection and route selection, which reduces the manual configuration and operational burden for our organization's administrators. Management is quite straightforward through it being available with SSH and AWS System Manager. The appliance also includes built-in utilities for traffic monitoring and troubleshooting and log export to syslog. Our day-to-day use case is primarily that it helps us automate Zscaler node detection and route selection. Automating node detection and route selection has helped us reduce the number of errors we were getting and made Zscaler more reliable and less dependent on Zscaler directly. Before using this solution with Zscaler, the Zscaler used to malfunction frequently, impacting our productivity. After implementing Cloud Security Connector for Zscaler along with Zscaler, we have seen positive effects, saving time as well as resources, which has left a very good impression on us.

This solution is for hybrid users who work from anywhere. It's like an end-user firewall. We can have restrictions on the end-user. If they come to the office, we have the infrastructure set up, and we can restrict access. But if they are connecting to the office from a personal network, like when working from home, we don't have any visibility. That is where Zscaler will help us get control over the end user. Wherever they are, on any network, the organization policy will be pushed to the end-user.

We use the solution to connect private applications in the data center or the SaaS applications on the cloud.