Date: 06/06/2024
Vendor: Zscaler
Technology/Topic: Internet Access Point (IAP) Modernization with Zscaler
TEM Video (milTube): https://www.milsuite.mil/video/watch/video/69594
______________________________________________
Welcome to the Technical Exchange Meeting (TEM)!
Zscaler Internet Access (ZIA) for Modernization of DISA IAPs
Zscaler is a Cloud Service Provider with specific focus on Security (Security SaaS). Zscaler’s cloud service provides the various components typically found in a complex Security Stack in the form of a cloud service. However, Zscaler does not “service chain” security appliances from various “best of breed” vendors as a means to provide security services. Doing so causes issues in terms of latency, performance, and scaling as traffic has to be processed and logged by one appliance and then put back on the wire to traverse the next appliance in the chain. This legacy approach also causes discrepancies in terms of enforcement policies and disparate logging information from various point products that then has to be rationalized. Rather, Zscaler has developed its own patented technologies (Single Action Multi Scan), which simultaneously fires off all security scanning capabilities upon payloads loaded into memory. As an analogy, Zscaler’s scanning capabilities are like a NASCAR pit crew that simultaneously deploys a team to change tires, wipe windows, refuel, etc in order to get the race car back on the track as quickly and efficiently as possible. The result is inspection of traffic at 20 to 30 times faster than the legacy approach of service chaining security appliances. This includes 100% break and inspect of all traffic at scale with 10ms (or less) of delay.
With regard to DISA IAPs, ZIA provides all the capabilities and services found within the IAP environment. In addition, ZIA incorporates additional features such as Content Disarm and Reconstruct which would further enhance IAP capabilities. Today, the IAPs have various components that could be subsumed by ZIA holistically thereby eliminating the capital cost of those components and reduce the operating cost of those environments. The capabilities that ZIA would subsume include: replace the A10s for decrypt/encrypt, replace the entire Web Content Filter environment, replace SHARKSEER components, replace CBII, address requirements for Zero Day Network Defense, and provide 100% full content inspection of all traffic at scale. Subsuming these functions with ZIA would literally save millions of dollars in CAPEX and OPEX. ZIA would also provide enhanced performance and enhanced user experiences by reducing the traffic patterns across these standalone components within the IAPs.
In addition to the info above, Zscaler is the world’s largest security cloud currently handling over 400 Billion transactions per day. To put that in context, there approximately 8.5 Billion Google searches per day. As such, Zscaler’s Zero Trust Exchange provides the world’s largest “Petri dish” of security transactions which continues to train through the use of AI on the ever growing number of zero day threats, polymorphic threats, etc to patch, fix, and propagate at cloud scale within minutes across Zscaler’s entire global infrastructure. This provides a high value to Zscaler customers in terms of security while taking the burden off of Zscaler customers.
______________________________________________
To join the DISA TEM mailing list, please contact: disa.tem@mail.mil
______________________________________________
Disclaimer:
— TEMs do not serve as a marketing venue or request for proposal actions.
— TEMs shall not be interpreted as a commitment by the Government to issue a solicitation or ultimately award a contract.
— TEMs do not serve as an endorsement of any presented technologies or capabilities
— Presentations will not be considered as proposals nor will any awards be made as a result of a TEM session.
— TEMs are public open forums – no proprietary or sensitive information should be presented during TEM sessions. Only publicly facing content is permissible in DISA TEM sessions.