Products > Zscaler Private Access

Zero Trust Network Access for your Private Apps

You no longer have to choose
between user experience and security.

The challenge of network-centric security

For 30 years, enterprises have relied on network-centric methods to connect users to the network, and by extension the applications running on it. But the way users work has changed, and with applications moving to cloud, the perimeter has extended to the internet. This renders network-centric solutions, like remote access VPNs, obsolete.


Common pitfalls of network-centric approaches:

  • Places users on-net, which increases risk
  • Provides a poor end-user experience
  • Inbound connections create opportunity for DDoS attacks
  • Requires appliances, ACLs, and firewall policies
  • No ability to provide application segmentation
  • Lack of visibility into app-related activity
a diagram showing the workflow of remote access vpns
a diagram showing ZPA provides secure and consistent access regardless of where the app is running

Zscaler Private Access

The experience users want with the zero trust access IT needs

Zscaler Private Access (ZPA) is a cloud service from Zscaler that provides seamless, zero trust access to private applications running on public cloud or within the data center. With ZPA, applications are never exposed to the internet, making them completely invisible to unauthorized users. The service enables the applications to connect to users via inside-out connectivity versus extending the network to them. Users are never placed on the network. This zero trust network access (ZTNA) approach supports both managed and unmanaged devices and any private application (not just web apps).

Zscaler helps NOV, a 150-year-old Oil & Gas offshore company with ZPA services

NOV, a 150-year-old oil and gas company, uses ZPA to enable zero trust for more than 7,000 apps and 10,000 users.

Growmark, a U.S.-based agricultural supply cooperative, enabled zero trust access to SAP and cloud apps with Zscaler’s ZTNA technology.

See how Paychex empowers a seamless application experience for users while accelerating and simplifying M&A IT integrations

See how Paychex empowers a seamless application experience for users while accelerating and simplifying M&A IT integrations.

MAN energy solutions makes zero trust possible with zscaler private access

See how MAN Energy Solutions uses ZTNA technology to provide zero trust access to private applications at sea.

Zscaler Private Access Benefits

72% of companies are adopting or have adopted a zero trust model. Here are some justifications for making zero trust network access (ZTNA) technology part of your digital transformation journey.

A better access experience

Access is seamless across all apps and devices. ZPA integration with Zscaler Digital Experience provides full visibility into traffic, for faster troubleshooting and improved user experience.

Never place users on-network

Authorized users have access to specific private apps without the need to access the network, reducing the risk of lateral movement and the spread of ransomware.

Segment by application, not network

Micro-tunnels enable network admins to segment by application with no need to segment networks or manage ACLs or FW policies.

Inside-out connectivity means app invisibility

Service-initiated ZTNA architecture ensures apps connect outbound to authorized users. IP addresses are never exposed and DDoS is impossible.

The internet becomes the new corporate network

Cloud adoption extends the perimeter to the internet. Use TLS-based encrypted tunnels and custom PKI to ensure private apps remain secure.

100% cloud-delivered ZTNA service

ZTNA as a service allows for simple management, high availability, greater scale, and strong protection against DDoS attacks.

Security simplified through automation

ZPA API and ML enhancements simplify zero trust for IT by automatically creating access policies for discovered apps and generating auto-segmentation of app workloads.

Built for all users, remote and on-premise

Bring the power of zero trust to remote and on-premise users with ZPA’s cloud-delivered public and private service edge.

ZPA: Zero trust network access (ZTNA) delivered as a service

Zscaler Private Access (ZPA) takes a user- and application-centric approach to private application access. A fully cloud-delivered service, ZPA ensures that only authorized users have access to specific private applications by creating secure segments of one between individual devices and apps. That means no more network access, no more lateral movement. And, rather than relying on physical or virtual appliances, ZPA uses lightweight software to connect apps and users to the Zscaler security cloud, where the brokered micro-tunnels are stitched together in the location closest to the user.

ZPA software-defined architecture for how we provide secure connectivity to private apps running across hybrid or multi-cloud environment
1.  ZPA Service Edge
  • Whether Public or Private, the ZPA Service Edge hosts the policy engine and brokers secure, zero trust connections between Client Connector and App Connector
2.  Client Connector (formerly Zscaler App/Z App)
  • Client Connector runs on the endpoint, forwarding all user traffic to Zscaler Cloud. Browser Access capabilities are available for web-based applications
3.  App Connector
  • App Connector front ends app in customer environment, connects to apps and discovers new apps

Discover and secure shadow IT applications

ZPA provides visibility into previously undiscovered internal applications running in the data center or public cloud. Admins can set granular policies for discovered applications to ensure least-privilege access. This control, combined with ZPA’s ability to make known applications invisible to unauthorized users, minimizes exposure and reduces the attack surface.

ZPA dashboard capture showing how many internal applications are running in the datacenter

Choose application segmentation, not network segmentation

61% of enterprises are concerned about overprivileged access, but network segmentation is difficult. With ZPA, enterprises no longer need to perform complex network segmentation. Admins have the granular control to decide who can access what, even down to the individual application and user level.

With Zscaler Private Access, you can control which users access which applications
1. Create and define policy names
2. Set different permissions levels for users and user groups
3. Select the applications each policy is associated with
4. Easily add new rules and policies for your users and applications from within the UI

ZPA meets the highest standards of compliance

Gartner peer insights

Replacing Enterprise VPN and using ZPA for application access achieving Zero trust model

Zscaler ZPA service is completely cloud based solution specifically accessing the application with Zero trust model. ZPA we used replacing our existing VPN solution and we are able to achieve all the requirement with it. The best part is we are using Zscaler ZIA and ZPA with only one agent.

VP in the Services Industry
Company Size: <50M USD

ZPA, the best way for Private access, No more PINS and Tokens required to enter

Great tool with easy to navigate and use. No need to enter token and pins the way we use to do it in old VPN tools.

Tech Lead in the Manufacturing Industry
Company Size: 10B - 30B USD

Easy Configuration and migration of ZPA

ZPA is providing secure options to access the applications not the network. Attack vector is reduced due to less visibility about the network.

Senior Security Specialist - Service Engineer in the Communications Industry
Company Size: 1B - 3B USD

Zscaler private Access

Overall experience is good - The Zscaler Private Access (ZPA) service enables us to access our internal applications and services while ensuring the security of our networks by encrypting the connection establishment.

Senior Specialist - Information Protection in the Retail Industry
Company Size: 10B - 30B USD

A great solution for a software defined perimeter that is a game changer

Provides a high level of security for the policy based access to the corporate applications without any need to purchase hardware.

VP in the Services Industry
Company Size: <50M USD

Suggested Resources


Watch a demo of Zscaler Private Access

ZPA Data Sheet

Learn more about Zscaler Private Access (ZPA)

Interactive Demo

Take ZPA for a Test Drive

Gartner ZTNA Market Guide

Learn more about zero trust network access (ZTNA)


Zscaler Private Access Inspection Benefits at a Glance


Redefining Secure Access to Private Applications

To gain fast, secure access to Zscaler Private Access, talk to Zscaler


送信ボタンをクリックすると、ゼットスケーラーの プライバシーポリシーに同意したものとみなされます。