Cloud security vendor Zscaler Inc. is hoping to unseat the Virtual Private Network (VPN) in the enterprise world. Traditionally, organizations provide remote access to corporate apps via a VPN in order to protect their networks from remote attacks, but VPNs can be a tricky beast to use.

Zscaler’s alternative is something called Zscaler Private Access, a new service that allows organizations to provide access to internal apps and services while ensuring they are secure, without any sign of a VPN.

As an Internet security firm, Zscaler is well suited to do so. It already offers a number of popular products, including a secure web gateway via the cloud. The company operates from more than 100 data centers globally, and provides numerous security services, including web security, next-generation firewalls, sandboxing/advanced persistent threat (APT) protection, data loss prevention, SSL inspection, traffic shaping, policy management and threat intelligence.

Zscaler claims more than 5,000 large enterprises as customers, including fifty Fortune 500 firms. Its products reach more than 15 million end users around the world, but with Zscaler Private Access its hoping to build on that number substantially.

The problem Zscaler wants to solve is that when companies provide access via a VPN, it typically grants users access to the entire network – and that leaves them vulnerable to exploitation.

In order to do away with VPNs, Zscaler Private Access decouples applications from the network, delivering granular access on a per-user basis to the various apps and services companies are running in their cloud or on-premises data center. Zscaler Private Access is built on Zscaler’s cloud, which means there’s no need for any new hardware to set it up.

Zscaler says a select bunch of its customers have been using the new service for some time, and that they’re extremely impressed with the results.

“MAN is always looking for the state of the art in security technology and have been searching for an alternative to our global VPN solution,” said Tony Fergusson, IT Infrastructure Architect for MAN Diesel & Turbo, a manufacturer of large diesel engines for use in ships and power stations, and one of the leading supporters of turbo machines. “In general, legacy VPN technology is extremely complex, doesn’t scale well, and, most importantly lacks application-centric security. Traditional VPNs extend the network perimeter to any user that connects, which is a security risk. Zscaler Private Access allows me to give users access to a single application, and not to my entire network. This granular application control is also perfect for the growing demand of contractors and partner access.”

Business analytics software provider SAS Institute Inc. is another happy customer, saying its particularly happy with the service for the “microsegmentation” benefits it provides.

“Microsegmentation, particularly when combined with remote users, could historically be hard to achieve because it often required a combination of VPN and Network Access Control,” said Brian Wilson, SAS Sr. Manager, IT Information Security. “With Zscaler Private Access, ensuring granular, application-layer access to authorized users is just part of the product, and may contribute to a speedier deployment than either VPN or NAC.”

Zscaler will have its work cut out if it’s to unseat the tried-and-tested VPN approach any time soon, but it certainly looks like an interesting tool that will appeal to some enterprises.

Photo Credit: Yu. Samoilov via Compfight cc