What is Cloud Connector?

Cloud Infrastructure Protection using Cloud Connector

Enabled by the Zero Trust Exchange, Workload Communications is deployed as Cloud Connector virtual machines and extends the capabilities of Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) to cloud-native workloads. This allows enterprises to secure cloud workload communications over any network. The Zscaler Zero Trust exchange will enable workloads to communicate with each other and have a granular security policy applied. The communication may be from private workloads (IaaS/Physical DC) to public workloads (SaaS/Internet), or between private workloads (IaaS to IaaS, or Physical DC to IaaS). Generally, where a private workload is communicating to a public workload through the ZTE, this will use the Zscaler Internet Access platform. Where a private workload is communicating with another private workload through the ZTE, this will use the Zscaler Private Access platform.

Key Features and Benefits

  • Security - Secures all inbound and outbound traffic to the internet. The security capabilities that are available through the Zscaler Internet Access platform for server internet access are Secure Sockets Layer (SSL), Intrusion Prevention System (IPS), Firewall, Data Loss Prevention (DLP), etc.
  • Connectivity - Provides seamless connectivity from Private/Public cloud applications to the internet.
  • Performance - Ensures better end-user experience and application performance by peering into relationships with SaaS providers (e.g., Microsoft Office 365, Amazon Web Services, and Microsoft Azure).
  • Reduces Cost - Consolidates multiple products (e.g., Squid proxies, firewalls, 3rd party NAT appliances, URL filtering, etc.) into a single solution. Additionally, the same policy applied to user traffic can be applied across the cloud infrastructure.
  • Highly Scalable - Ease of implementation across 1K service accounts in public clouds and single solution scales to connect 10K+ server environments in public clouds (e.g., AWS, Azure, etc.).
  • Ease of Deployment - Fully orchestrated deployment for AWS using Terraform and CloudFormation templates.
  • Real-Time Visibility - Dashboards and Insights provide unparalleled visibility into your users and applications and the health of your organization’s applications and servers.

Oftentimes, in the realm of networking, we find ourselves asking how we can secure traffic to the cloud. Rarely do we evaluate how traffic is secured within the cloud, as it leaves the cloud, or while in transit between clouds. This attack surface is growing as more and more workloads are being migrated and customers begin operating across multiple cloud service providers. Zscaler Workload Communications can help enable the following use-cases:

Applications to Internet Communications: Applications may need to access any Internet or SaaS destination, such as 3rd party APIs, software updates, etc. with a scalable, reliable security solution that inspects all transactions, applying advanced threat prevention and data loss protection controls.

Application to Application Communication to other public clouds and corporate data centers for multi/hybrid cloud connectivity, delivered with better security and a dramatically simplified operational model as compared with traditional solutions like proxies, virtual firewalls and IDS/IPS.

Application to Application Communications within a VPC by securing process-to-process communications to achieve micro-segmentation with no changes to the application or the network.


Thank you @Aaron_Rohyans for all these wonderful resources. Such a treasure trove of amazingness!

1 Like