Ma story then_now_webcast_10_17_18
•
1 like•717 views
1. The document discusses how Zscaler Private Access (ZPA) can simplify security for mergers and acquisitions by providing zero trust network access without requiring changes to the existing network infrastructure. 2. Traditionally, integrating an acquired company's network required ordering new circuits, complex IP addressing schemes, and coordinating firewall changes which could take years. 3. With ZPA, a company can subscribe and instantly provide any user with secure access to approved internal applications from any device without requiring network access. This accelerates the integration of acquired companies while standardizing security policies.
Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Similar to Ma story then_now_webcast_10_17_18
Similar to Ma story then_now_webcast_10_17_18 (20)
More from Zscaler
More from Zscaler (20)
Recently uploaded
Recently uploaded (20)
Ma story then_now_webcast_10_17_18
- 1. 0 The M&A Story:Then and Now Casey Lee Director, IT Security Chris Hines Head of PMM (ZPA)
- 2. 1 1 Every story begins with a Merger or Acquisition
- 3. 2 One the excitement wears off, the fun begins… Need identical security 1 2 3 Must maintain compliance levels Visibility becomes a factor Acquired company may not be as security conscious Access policies Which security tech to standardize on? Data privacy Granular visibility and security based on identify How do you determine who across each company gets access to SOC? Liability site Personal devices
- 4. 3 MPLS Integration to the rescue? 1. Often requires network address translations (NATING) 2. Now you must deal with overlapping IP for branches and datacenters 3. The appliance game begins – do we need more appliances? Who’s appliances do we use 4. Do I have enough concurrent connection handling capacity on VPN concentrators? 5. Users do not have our VPN clients on their PC 6. I want to enable access to HR and Payroll portal for acquired org immediately, but this requires full network access and ACLs 7. Data locality – how do we treat German traffic compared to US traffic? How can IT ensure that business is ready to allow access to apps for acquisition employees without compromising security and performance?
- 5. 4 If legacy, network –centric approaches are such a pain…. …what if we used the internet to secure access instead? Then Now
- 6. 5 National Oilwell & Varco’s Story Making zero trust possible and accelerating M&A
- 7. 6©2018 Zscaler, Inc. All rights reserved. / Confidential Casey Lee Director IT Security National Oilwell Varco • About NOV – Oil & Gas manufacturer • 38,000 employees • 635 sites across 66 countries • 11 regional hubs • 300+ M&A over 15 years
- 8. 7©2018 Zscaler, Inc. All rights reserved. / Confidential Legacy Security Environment Howdowestandardize? 1 2 Managed three sets of appliances - Firmware, patching, troubleshooting and frequent need to update appliances 3 Endpoints - 70-75% laptops, lacked visibility, no protection off-net 4 Rise of SSL – loss of visibility - Created need for decryption. More appliances? Multiple security providers - CheckPoint, BlueCoat, FireEye and OpenDNS
- 9. 8 Architecture for Network Transformation - Cheap Boxes - Zscaler for Security - 4X less MPLS $$$$ - 10x – 20x Speed Increase - VPN tunnel – provider network - Streamlined M&A process
- 10. 9 Remote Access – Then & Now Then Network- centric Now User & App centric Radius ADFS LAN Now Zero trust
- 11. 10 Zscaler User Count: 38,000 employees. 10,000 users secured by ZPA Zscaler Products: ZPA, ZIA Benefits of Zscaler Platform • Was able to embrace a zero trust strategy with ZPA. Now hackers can’t attack what they can’t see. • 7,500 apps being discovered by ZPA connectors; of those 3,400 are accessed by remote users. • Now have a single security platform. Can secure access to internet with ZIA and ZPA for secure access to internal apps. • Leverages browser access capability • Fast ZPA deployment shortens time for M&A while ensuring security.
- 13. 12 ZPA: Zero trust access to any internal app, from any device anywhere Public Cloud Private Cloud / Data Center Goal: Simplify network security. Accelerate process for acquired or divested assets. INTERNALLY MANAGED HQ location Acquired or divested mobile users Acquired or divested company IOT devices 1. Standardize security policies for newly acquired companies 2. Control user application access, w/o network access 3. Consistent remote user experience for all, without VPN 4. No change to infrastructure to bring newly merged assets in The value of cloud-based security Secure and standard experience across all users and assets
- 14. 13 Software-defined perimeter architecture ZPA ZENs secure user to app connection 1 Z-App / Browser Access request access to app 2 App Connectors sit in front of apps – outbound-only connection 3 Zscaler Private Access – simplifying M&A Zero trust security with ZPA • Treat all as untrusted – both outside & inside the perimeter • Verification prior to granting access • Access is granted on a strict “need to know” basis • App access without requiring network access • Segment of one is created between named users & named application Z App Browser Access 2 App Connectors 3 3 1 ZPA ZENs Company A Company B
- 15. 14 Comparing then, to now Then Now Application Location 1. Examine the acquired company’s network hygiene to determine risk Subscribe to Zscaler Private Access - no need for new circuits or network changes Network Architecture 2. Order circuits from telecom companies (and wait 3-9 months) Turn on application discovery Security Approach 3. Set up flexible IP addressing scheme and/or NAT to absorb devices on new network(s) Configure user-to- application access based on discovery & user context 4. Coordinate joint internal firewall changes – ports, source addresses, NAT 5. Perform joint application inventory 6. Determine how to enforce access control rules - firewall, NAT, proxy 7. Configure various required access control mechanisms, load-balancing, etc.
- 16. 15 CostExperience Security Simple • Consistent experience for all acquired users • No remote access VPN login • Users never on network • Standardized security • Control application access • Visibility into user activity • Weeks vs. years • No change • No network segmentation • Faster product delivery • No hardware appliances • No hardware replacement • Zero IP convergence and segmentation costs Benefits
- 17. 16 Summary Take ZPA for a test drive. https://www.zscaler.com/zpa- interactive Learn more about Zscaler for M&A https://www.zscaler.com/solutions /mergers-acquisitions-divestitures Casey Lee Director, IT Security National Oilwell & Varco Chris Hines Principal Product Manager Zscaler
Editor's Notes
- 1. Do you still use MPL