Security Availability Security Monitoring Connectivity Availability Performance DDo
Security Availability
Security Monitoring Connectivity Availability Performance
DDo. S Protection Application Gateway and WAF Network Security Groups VNet Service Endpoints
w Ne
w Ne
w Ne
w Ne
New Azure Load Balancer Internal Load Balancer HA Ports
w Ne
30 Gbps VM to VM bandwidth world’s fastest Accelerated Networking for more VM SKUs DPDK partner enablement VPN gateway SKUs—up to 6 X faster
w Ne
w Ne
A 10 Networks 2016 REVENUE $230 M 5700+ CUSTOMERS IN 72 COUNTRIES + ADC, CGNAT DDo. S Protection + SSL Visibility, Firewall, IPSEC + Cloud (Secure Application Services) FOUNDED IN 2004 NYSE (ATEN)
A 10 & Microsoft Collaboration • • • Microsoft Azure: • Accelerated Networking (SRIOV) • Data Plane Development Kit (DPDK) Harmony Controller A 10 Networks: • Application Delivery • Secure Connectivity • Central Management & Analytics Results • 10 x Performance improvement in packets per second (pps) • Significantly reduced latency & jitter More details in the High-Performance Data Center Session (BRK 4017) Public Secure Connectivity Data Center
Express. Route merged peerings, Route Filters, IPv 6 Global VNet Peering VPN P 2 S for mac. OS, AD authentication VPN monitoring, simplified configuration
w Ne ✔ ✔ Customer’s Network Partner Edge Microsoft Peering for Office 365 and Dynamics 365 Azure Public Peering for Azure public IPs Azure Private Peering for Virtual Networks Microsoft Edge
3 x more
w Ne
w Ne Express. Route S 2 S VPN P 2 S VPN
g in m n Co Soo
w vie e Pr AD Auth
w vie e Pr
Access to Apps on Azure The Experience Users Want. The Security IT Requires. Jay Chaudhry CEO, Founder, and Chairman 34 © 2017 Zscaler, Inc. All rights reserved.
Zscaler: The Market Leader in Cloud Security Cloud Scale Enterprise Customers 35 B 2, 700 CUSTOMERS Daily requests 100 Data centers 185 Countries served Over 80 of the Fortune 500 Largest Cloud Security Platform in the World Mature Global Cloud Operations 35 © 2017 Zscaler, Inc. All rights reserved. Global Partners
The Castle and Moat Security Architecture Secure your network by building a perimeter around it. 36 © 2017 Zscaler, Inc. All rights reserved.
The Traditional Hub and Spoke Network Architecture 37 © 2017 Zscaler, Inc. All rights reserved. Backhaul traffic to a central datacenter.
Apps Moved To Azure 38 © 2017 Zscaler, Inc. All rights reserved.
Legacy Breaks Cloud and Mobility Site-to-site VPN RAS (VPN) Internal FW Internal LB 39 © 2017 Zscaler, Inc. All rights reserved. Global LB DDo. S Ext. FW / IPS
Zscaler Private Access (ZPA) A Revolutionary Approach to Internal App Access 40 © 2017 Zscaler, Inc. All rights reserved.
4 Key Design Tenets 41 1 Connect users to apps without bringing them on the network 2 Never expose applications to the Internet 3 Segment apps without segmenting the network 4 Provide remote access over the Internet without VPNs/NGFWs © 2017 Zscaler, Inc. All rights reserved.
ZPA: Securely connects the right user to the right app • Cloud Policy Engine: user to app access rights Z-Connector • Z-App: requests access to an app • Z-Connector: sits in front of apps (inside out connections) Z-Brokers • Z-Brokers: secure user to app connection Azure Express. Route Experience Users Want. Security You Need. Z-App Datacenter 42 © 2017 Zscaler, Inc. All rights reserved.
ANNOUNCING: ZPA Running on Microsoft Azure Largest Security Cloud Footprint Connections close to your users for a fast and secure experience • Zscaler Brokers now on the Azure Global Cloud • Integrated with Azure Active Directory • Planned integration with Enterprise Mobility Suite 43 © 2017 Zscaler, Inc. All rights reserved.
Enterprise Benefits Experience 44 © 2017 Zscaler, Inc. All rights reserved. Security Cost Simple
3 Areas of IT transformation App Location Datacenter Cloud Hub & Spoke Direct-to-Cloud Castle & Moat User to App Policies Network Security 45 © 2017 Zscaler, Inc. All rights reserved.
Being your transformational journey today. Booth 1936 Live ZPA on Azure Demo Secrets to a successful Office 365 deployment Sneak Peek: MCAS Integration 46 © 2017 Zscaler, Inc. All rights reserved.
w Ne
w Ne
w Ne
…and how we resolved them 55
Security Monitoring Connectivity Availability Performance
Code Title Day and time Location THR 3047 Announcing DDOS Protection Public Preview for Azure Tuesday 2: 10 pm OCCC South – Expo Theater #10 BRK 4023 Azure Express. Route—new features, best practices, and customer experiences Wednesday 9: 00 am BRK 4019 Networking Security for Applications in Azure Wednesday 4: 00 pm BRK 4017 High-performance data center expansion with Azure Networking Thursday 9: 00 am BRK 4028 Building highly available, secure, and scalable services for the enterprise with Azure networking Thursday 2: 15 pm BRK 4032 Monitoring, diagnosing and debugging with Azure networking Friday 9: 00 am
http: //myignite. microsoft. com https: //aka. ms/ignite. mobileapp
- Slides: 59