Zscaler

Zscaler Architecture

The three major components of the Zscaler architecture are:

  • Zscaler Central Authority
  • Zscaler Enforcement Nodes
  • Nanolog Cluster

Let us discuss each of the three components.

1. Zscaler Central Authority

  • It monitors the cloud (ZEN) and provides a central location for software and database updates, policy and configuration settings, and threat intelligence.
  • It consists of one active server and two servers in passive standby mode. The active CA replicates data in real time to the two standby CAs.
  • Each server is hosted in a separate location to ensure fault tolerance.

2. Zscaler Enforcement Nodes

  • It is a full-featured secure internet gateway that provides integrated internet security.
  • It inspects all web traffic bi-directionally for malware and enforces security, compliance and firewall policies.
  • The two main modules of an enforcement node are the Web module and the Firewall module.
  • A ZEN never stores any data to disk. Log data generated for every transaction is compressed, tokenized and exported over secure TLS connections to log routers, which direct the logs to the Nanolog cluster for each organization.

3. Nanolog Clusters

  • It stores transaction logs and provides reports. Each cluster consists of one active server and two servers in passive standby mode.
  • Each Nanolog server is hosted in a separate location to ensure fault tolerance.
  • Zscaler offers the Nanolog Streaming Service (NSS), which uses a virtual appliance to stream web and firewall traffic logs in real time from the Zscaler Nanolog to the customer's security information and event management (SIEM) system.

Additionally, each cloud has various support systems and servers:

  1. Sandbox Servers
  2. PAC File Servers
  3. Administrative Interface Servers
  4. Log routers

All components communicate with each other over an encrypted SSL tunnel.

Zscaler Feed Central is a separate cloud that is used for centralised distribution of various feeds to Zscaler. Zscaler has a number of partnerships with Microsoft, Google, RSA, etc. for data feeds, including feeds for URL filtering, anti-virus, etc.

Zscaler Feed Central distributes data to the Zscaler CA, which then distributes it to all ZEN nodes.