Global leaders are coming to Zenith Live. Are you? Learn More
Global leaders are coming to Zenith Live. Are you?
Learn More
Solutions > VPN Retirement

Zscaler Private Access for remote access VPN retirement

There’s no need to wait. Your users have
spoken. It’s time to retire your VPN.

Read Solution Brief

A brief lesson in remote access VPN history

In the beginning it was simple. The classic castle-and-moat security architecture provided a secure perimeter around the network, and the hub-and-spoke networking model routed traffic to a central data center. But something unique happened. Remote users started to move outside the network.

In the 1990s the remote access virtual private network was created as a means to connect remote users to the corporate network by extending the network to them and routing traffic through a VPN gateway hosted in the data center. But enterprises still rely on this technology today, even though it was never built to provide access to applications, let alone apps that now exist in not only the data center, but also cloud.

Relying on UTM and NGFW appliances to secure internet traffic is costly, results in appliance sprawl, and compromises branch security.

A new approach to secure remote access to internal applications

One not anchored within the data center

Your network is at risk

Remote access VPN gives users access to the corporate network. This exposes the network to potential security attacks.

App access, not network access

Users are never placed on network. Instead access to internal apps is based on customized policies that are hosted in the Zscaler cloud.

Your users have a poor experience

Remote users must fire up a remote access VPN client. All traffic is routed through a gateway hosted in a data center, slowing productivity.

Direct-to-app user experience

User traffic is routed directly to the app. Users don’t need to fire up a VPN client each time they want to access an app.

Hardware appliances are expensive and introduce complexity

Gateway appliances drive up costs and make remote access more complex. This becomes even more complicated when scaling across more data centers.

No appliances

The cloud-based solution requires no gateway appliances. All traffic is routed through the Zscaler cloud and to the closest application location.

Your network is at risk

Remote access VPN gives users access to the corporate network. This exposes the network to potential security attacks.

App access, not network access

Users are never placed on network. Instead access to internal apps is based on customized policies that are hosted in the Zscaler cloud.

Your users have a poor experience

Remote users must fire up a remote access VPN client. All traffic is routed through a gateway hosted in a data center, slowing productivity.

Direct-to-app user experience

User traffic is routed directly to the app. Users don’t need to fire up a VPN client each time they want to access an app.

Hardware appliances are expensive and introduce complexity

Gateway appliances drive up costs and make remote access more complex. This becomes even more complicated when scaling across more data centers.

No appliances

The cloud-based solution requires no gateway appliances. All traffic is routed through the Zscaler cloud and to the closest application location.

Software-defined perimeter for secure remote access

The Zscaler Private Access Service provides secure remote access to internal applications, regardless of where they exist and without placing users on the network. The service requires no remote access VPN or complex gateway appliances, and uses cloud hosted policy to authenticate access and route user traffic to the closest application location.

1.  Cloud Policy Engine
  • Hosted in cloud
  • Provides users access to app
  • Customizable by admins
2.  Z-App 
  • Mobile client
  • Installs on all users devices
3.  Z-Connector
  • Sits in front of apps in Azure, AWS, and other public clouds
  • Lightweight binary, runs in cloud or data center
  • Listens for access requests from Z-cloud
  • No inbound connections

Remote access VPN retirement benefits

Improved Remote User Experience

Fast access to apps

No more VPN client login

Seamless experience

Better security via policy-based access

Users never on network

Policy-based access

App and user visibility

Reduce costs for remote access

No hardware appliances

Less telco spend

Easy to implement and get started

Segment by application

Runs parallel to VPN

SSO with Okta

See how this e-commerce company replaced its remote access VPN
and now provides a better experience while improving security.

Read the story

Suggested Resources

Solution brief

ZPA for Remote Access VPN Retirement

Read the Solution Brief  

Demo

See a demo of Zscaler Private Access in action

Watch demo 

Whitepaper

The Definitive Guide to Secure Remote Access

Read the paper  
Resources Page

It's time to retire your remote access VPN

Zscaler wants to make it easy for you to say goodbye. Learn how you can get up to 6 months of Zscaler Private Access service for FREE.

Retire Now