A key component of the Zscaler cloud, Service Edges are full-featured secure internet gateways that provide integrated internet security.
Service Edges can be public or private. ZPA Public Service Edges, addressed here, are deployed in Zscaler data centers around the world and can handle hundreds of thousands of concurrent users with millions of concurrent sessions. So, regardless of where your users are physically located, they can access their internal applications from any device. ZPA Public Service Edges enforce access and reauthentication policies based on your organization’s corporate best practices. For any given Microtunnel (M-Tunnel), the Control Service Edge is the ZPA Public Service Edge that handles cloud-level system messages to establish the M-Tunnel. ZPA Private Service Edges are fully functional single-tenant brokers that reside within your site or other locations, like cloud services.
Both Zscaler Internet Access (ZIA) and ZPA have Service Edges. The fundamental difference between a Service Edge used for ZIA and one used for ZPA is that:
- In ZIA, the Service Edge inspects the data as traffic flows through it.
- In ZPA, the Service Edge does not inspect the data as traffic flows through it.
All Service Edges have significant fault tolerance capabilities. They are deployed in active-active mode to ensure availability and redundancy, and Zscaler monitors and maintains its Service Edges to ensure continuous availability.
Leave a Reply