ZPA Private Service Edge at a Glance

Key Benefits:

Simplified Segmentation ZERO TRUST

Reduce the complexity of defining EXCHANGE
network segments and flatten your
policy framework by using “user to
hostname” policies not, source IP
and destination IP Zscaler Private Access Control Plane

Fast User Experience Data Center

Connect local users to local
applications without having to route
traffic to the Internet first

Streamline Compliance
Comply with industry and country
regulations that prevent the use of MPLS or App Connector
Site to Site tunnel Private
cloud-hosted technology Service Edge
Branch Office

Application Segment

Providing local users with granular access to local private applications often requires defining network segments, investing in additional firewalls, or
routing traffic to a cloud-hosted service edge first. For the admin, this means hundreds of firewall policies and updating appliance hardware just to
provide the level of granularity needed to protect apps. For the user, this can lead to a suboptimal experience.

Available as part of our Zscaler Private Access™ (ZPA™) service, ZPA™ Private Service Edge is a fully functional single-tenant (per customer) instance
that is hosted by the customer and managed by Zscaler. It is used to securely connect local users to a local broker for fast and secure access. The ZPA
Private Service Edge software can reside within the customer’s data center or in a public cloud service and leverage the existing MPLS infrastructure.

©2020 Zscaler, Inc. All rights reserved. /1

 Z P A P R I V AT E S E R V I C E E D G E AT A G L A N C E

Key Capabilities
The ability to extend Zscaler cloud to the Facilitates the adoption of hybrid and “We’ve been using ZPA since
locations users are working from, bringing multi-cloud with a consistent access
the service edge as close to the user as policy, even after a private app migrates to
2018 as a VPN alternative. When
possible. ZPA Private Service Edge can public cloud services like Azure, AWS, we heard about ZPA Private
connect via the fastest path fulfilling, least and Google. Service Edge, we realized that
privilege access with ZTNA.
Policies and configurations are cached, we could extend the zero trust
Real time policy and configuration resulting in high service availability.This is access capabilities of the public
updates with the control channel between especially important in locations without ZPA cloud with software that
ZPA Private Service Edge and Zscaler easy access to the cloud.
Cloud without needing the user to change
can run in our own network.
anything on their client to learn about the
No appliances are needed, thus avoiding We’re now able to better protect
internal firewalls and update costs.
new configuration. our business-critical private
Two outbound connections are formed, apps, and deliver the best user
one from the user, and one from the experience possible, by using
application connector. Private Service
our ZPA Private Service Edge
Edge stitches these two connections
together to provide a single application that runs on-premises, but is
tunnel between the authorized user and managed by Zscaler.”
specific private application.
– Nicholas Pandola | Global Director
Information Security, Trinseo

Request Demo zscaler.com/custom-product-demo chevron-right

Zscaler, Inc.
120 Holger Way
San Jose, CA 95134
+1 408.533.0288
www.zscaler.com
©2021 Zscaler, Inc. All rights reserved. Zscaler™and Zero Trust Exchange™are either (i) registered trademarks
or service marks or (ii) trademarks or service marks of Zscaler, Inc. in the United States and/or other countries.
©2020
Any Zscaler,
other Inc. Allare
trademarks rights
the reserved.
properties of their respective owners.
/2