I am looking through the Deployment Architecture for CC here and there are a couple of questions I am struggling to answer - so looking at a wider community for some assistance
- CloudConnector’s performance is limited to 400Mb, as mentioned by ZScaler: does it mean 400Gbps in total or only for inspected traffic. Will bypassed traffic also bound by this 400Mbps ceiling?
- Is there a ZScaler-approved (=reference architecture) way to scale solution beyond that number (auto-scaling with GLB, etc)? I could not find any - document mentions that one can ‘scale with load-balancing’ without detailing it. Does CC support GENEVE protocol to be used with GWLB? If not, what is the exact supported scheme for horizontal scaling?
All in all, I am concerned about CC being a bottleneck for non-inspected traffic (and inspected also) in a large multi-account/multi-VPC deployment with a requirement to provide egress inspection for all internet-bound web-traffic AND with a requirement to bypass certain traffic classes from inspection.