Cloud & Branch Connector
What Is Zscaler Cloud Connector?
Enabled by the Zscaler Zero Trust Exchange (ZTE), Zscaler Cloud Connector is a virtual machine (VM) that simplifies traffic forwarding to Zscaler services. It extends the capabilities of Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) to cloud-native workloads, which allows enterprises to secure cloud workload communications over any network.
The ZTE enables workloads to communicate with each other and have a granular security policy applied. The communication may be from private workloads (i.e., IaaS, physical data center) to public workloads (i.e., SaaS/internet), or between private workloads (i.e., IaaS to IaaS, IaaS to physical data center).
ZIA is used when a private workload communicates with a public workload through the ZTE. ZPA is used when two private workloads communicate with each other through the ZTE. To learn more, see the Step-by-Step Configuration Guide for Zscaler Cloud Connector.
Key Features and Benefits
The following are some key Cloud Connector features and benefits:
- Security: Secures all inbound and outbound traffic to the internet. The security capabilities available through the ZIA platform for server internet access include Secure Sockets Layer (SSL), Intrusion Prevention System (IPS), Firewall, Data Loss Prevention (DLP), etc.
- Connectivity: Provides seamless connectivity from private or public cloud applications to the internet.
- Performance: Ensures a better end-user experience and application performance through peering relationships with SaaS providers (e.g., Microsoft Office 365, Amazon Web Services (AWS), and Microsoft Azure).
- Reduces Cost: Consolidates multiple products (e.g., Squid proxies, firewalls, third-party NAT appliances, URL filtering) into a single solution. Additionally, the same policy applied to user traffic can be applied across the cloud infrastructure.
- Highly Scalable: Is easy to implement across 1,000 service accounts in public clouds, and a single solution scales to connect 10K+ server environments in public clouds (e.g., AWS, Azure).
- Ease of Deployment: Fully orchestrated deployment for AWS and Azure using Terraform, CloudFormation, and Azure Resource Manager.
- Real-Time Visibility: Dashboards and Insights provide unparalleled visibility into your users and applications, and the health of your organization’s applications and servers.
- Mergers and Acquisitions: Securely integrates public cloud accounts/networks with the same consistent security controls and enables connectivity between merged/acquired organizations' cloud networks without having to directly connect them or worry about overlapping IP space.
Organizations often ask how to secure traffic entering the cloud, but not how to secure traffic that stays within, exits, or moves between clouds. As users operate between multiple service providers, this attack surface grows. Cloud Connector enables the following use cases:
- Workloads to Internet Communication: Applications might need to access an internet or SaaS destination (e.g., third-party APIs, software updates) with a scalable, reliable security solution that inspects all transactions, applying advanced threat prevention and DLP controls.
- Workload to Workload Communication: Multi-cloud or hybrid cloud connectivity between public clouds and corporate data centers, delivering better security and a simplified operational model compared to traditional solutions like proxies, virtual firewalls, Intrusion Detection System (IDS), and Intrusion Prevention System (IPS).