Zero Trust Security for AWS Workloads with
Zscaler Cloud Connector
Reference Architecture
REFERENCE ARCHITECTURE GUIDE FOR AZURE
REFERENCE ARCHITECTURE GUIDE FOR AWS
©2022 Zscaler, Inc. All rights reserved.
Contents
About Zscaler Reference Architectures Guides
Who is this guide for?
A note for Federal Cloud customers
Conventions used in this guide
Finding out more
Terms And Acronyms Used In This Guide
Icons used in this guide
Introduction
Key Features and Benefits
New to Zscaler Cloud Connector?
Cloud Infrastructure Protection using Cloud Connector
Deploying Cloud Connector VMs via Scripts
High Availability
Scalability
Logging
Upgrading
Deployment and Design Options
Pre-Deployment Considerations
NAT Gateway vs. Internet Gateway
Availability Zones
Deploying Cloud Connector via Scripts
Deploying Cloud Connector via Terraform
Deploying Cloud Connector via CloudFormation
Directing Traffic to Cloud Connector
Forwarding Options
Choosing the Correct Design Model
Use Case: Direct to Internet using Zscaler Internet Access
Use Case: Integrating with AWS Transit Gateway
Use Case: Integrating Zscaler Private Access
Use Case: Securing Traffic Between Clouds
Summary
About Zscaler Reference Architectures Guides
The Zscaler™ Reference Architecture series delivers best practices based on real-world deployments. The
recommendations in this series were developed by Zscaler’s transformation experts from across the company.
Each guide steers you through the architecture process and provides technical deep dives into specific platform
functionality and integrations.
The Zscaler Reference Architecture series is designed to be modular. Each guide shows you how to configure a different
aspect of the platform. You can use only the guides that you need to meet your specific policy goals.
Who is this guide for?
The Overview portion of this guide is suitable for all audiences. It provides a brief refresher on the platform features and
integrations being covered. A summary of the design follows, along with a consolidated summary of recommendations.
The rest of the document is written with a technical reader in mind, covering detailed information on the
recommendations and the architecture process. For configuration steps, we provide links to the appropriate Zscaler Help
site articles or configuration steps on integration partner sites.
A note for Federal Cloud customers
This series assumes you are a Zscaler public cloud customer. If you are a Federal Cloud user, please check with your
Zscaler account team on feature availability and configuration requirements.
Conventions used in this guide
The product name ZIA Service Edge is used as a reference to the following Zscaler products: ZIA Public Service Edge,
ZIA Private Service Edge, and ZIA Virtual Service Edge. Any reference to ZIA Service Edge means that the features and
functions being discussed are applicable to all three products.
The product name ZPA Service Edge will be used as a reference to the following Zscaler products: ZPA Public Service
Edge, ZPA Private Service Edge, and ZPA Virtual Service Edge. Any reference to ZPA Service Edge means that the features
and functions being discussed are applicable to all three products.
- Notes call out important information that you need to complete your design and implementation.
- Warnings indicate that a configuration could be risky. Read the warnings carefully and exercise caution before making
your configuration changes.
Finding out more
You can find our guides on the Zscaler web site at https://www.zscaler.com/resources/reference-architectures.
You can join our user and partner community and get answers to your questions at https://community.zscaler.com.
Terms And Acronyms Used In This Guide
Acronym Definition
ZIA Zscaler Internet Access
ZPA Zscaler Private Access
ZTE Zero Trust Exchange
ACL Access Control Lists
AWS Amazon Web Services
AZ Availability Zone
CA Certificate Authority
DLP Data Loss Prevention
DTLS Datagram Transport Layer Security
ENI Elastic Network Interface
IaaS Infrastructure as a Service
IPS Intrusion Prevention System
LSS Log Streaming Service
MITM Man-in-the-Middle
NIST National Institute of Standards and Technology
NSS Nanolog Streaming Service
PaaS Platform as a Service
SaaS Software as a Service
SIEM Security Information and Event Management
SSL Secure Sockets Layer
TGW Transit Gateway
TLS Transport Layer Security
VM Virtual Machine
VNets Virtual Networks
VPN Virtual Private Network
Icons used in this guide
Zscaler Zero Trust Exchange
ZIA or ZPA Service Edge
Zscaler App Connector
Zscaler Cloud Connector
AWS Autoscaling Group
AWS Virtual Machine
AWS Lambda
AWS Application or Workload
AWS NAT Gateway
AWS Internet Gateway
AWS Transit Gateway
Azure Application or Workload
Generic Application or Workload
Private Data Center Location
Headquarters Office Location
Branch Office Location
Factory Location
Authorized User
Data Tunnel
Bad Actor