The Zscaler Reference Architecture series delivers best practices based on real-world deployments. The recommendations in this series were developed by Zscaler's transformation experts from across the company. This guide will steer you through the architecture process and provide technical deep dives into specific platform functionality and integrations. The Zscaler Reference Architecture series is designed to be modular, so this guide will show you how to configure a different aspect of the platform in order to allow you meet your specific policy goals.

Zscaler Internet Access (ZIA) provides a full security stack with ZIA Service Edges enforcing your policies and protecting your users wherever they are, from the head office to their home offices. The same authentication and policy follow the user, and that policy can be adjusted based on location, device in use, and more. User traffic is inspected and forwarded on or blocked according to your defined policy.

Unlike previous centralized models that back hauled traffic to a central location, ZIA is available in 150+ data centers around the world. Many of these data centers are in internet exchange peering points with other cloud infrastructure and application providers, such as Microsoft, Amazon, and Google. This guide discusses best practices for forwarding traffic to a ZIA Service Edge, where your users are authenticated and your policy is enforced.

Traffic Forwarding in Zscaler Internet Access: Reference Architecture Guide Download PDF