Zscaler Cloud Firewall

Problems that solves

No IT security guidelines

Unauthorized access to corporate IT systems and data

Risk or Leaks of confidential information

Risk of attacks by hackers

Risk of data loss or damage

Risk of lost access to data and IT systems

Non-compliant with IT security requirements


Reduce Costs

Ensure Security and Business Continuity

Zscaler Cloud Firewall

Zscaler Cloud Firewall provides next-gen firewall capabilities, powerful network security, control and visibility everywhere.


Zscaler Cloud Firewall brings next-gen firewall controls and advanced security to all users in all locations — for all ports and protocols. Zscaler enables fast and secure local internet breakouts and, because it’s 100 percent in the cloud, there’s no hardware to buy, deploy, or manage.

With Zscaler Cloud Firewall, you get security and access controls without the cost, complexity, and performance limitations of next-generation firewall appliances. Your protection follows users wherever they go to provide identical protection and access control.  Part of the Zscaler Cloud Security platform, Zscaler Cloud Firewall provides a range of benefits that can only be delivered through a global, purpose-built security cloud.

Enables secure local internet breakouts

  • Routes internet traffic locally and provides direct-to-cloud connections for a fast user experience
  • Delivers security and access controls for all ports and protocols, without any appliances to deploy or manage

Delivers identical protection everywhere

  • Brings the entire security stack close to the user for identical protection wherever users connect
  • Enables granular firewall policies based upon user, location, and application

Reduces costs and complexity

  • Reduces MPLS backhauling costs
  • Eliminates costly and time-consuming patch management, coordination of outage windows, and policy management

Scales services elastically

  • Unlimited capacity to handle cloud application traffic requiring long-lived connections
  • Natively intercepts and inspects SSL/TLS traffic—at scale—to detect malware hidden in encrypted traffic

Improves security and controls

  • Delivers full, dynamic inspection of HTTP/HTTPS traffic traversing non-standard ports
  • Fully proxies all DNS traffic to protect against vulnerabilities such as DNS tunnels for data exfiltration
  • Delivers always-on IPS threat protection and coverage, regardless of connection type or location

Enables real-time visibility and control

  • Logs every session in detail across all users, locations, applications, ports, and protocols
  • Delivers near-real–time visibility and policy enforcement from a single console