Sold by: Zscaler, Inc.Â
Deployed on AWS
Private Cloud Controllers allow users to continue to access applications during ZPA-related cloud outages or internet service provider (ISP) outages. Business Continuity helps organizations achieve uninterrupted access to applications without any manual intervention.
Private Cloud Controllers can be deployed in several forms. Zscaler distributes a standard virtual machine (VM) image for deployment in enterprise data centers, local private cloud environments such as VMware, or public cloud environments such as Amazon Web Services (AWS), Microsoft Azure Cloud, or Google Cloud Platform. Additionally, Zscaler provides packages that can be installed on supported Linux distributions. Typically, the VM images are deployed on network segments that can access the ZPA cloud and accept inbound connections on port 443 simultaneously, such as in a DMZ. Private Cloud Controllers require inbound 443 and outbound 443 connections to be open.
Overview
Zscaler Private Access (ZPA) enables organizations to provide access to internal applications and services while ensuring the security of their networks. ZPA is easier to deploy, more cost-effective, and a more secure alternative to VPNs. Unlike VPNs, which require users to connect to your network to access your enterprise applications, ZPA allows you to give users policy-based secure access only to the internal apps they need to get their work done. Business Continuity for ZPA is powered by Private Cloud Controllers, which are deployed as a software package in enterprise data centers, local private cloud environments such as VMware, or public cloud environments such as Amazon Web Services (AWS), Microsoft Azure Cloud, or Google Cloud Platform. Private Cloud Controllers function as the brains of the operation, along with ZPA Private Service Edges, to deliver uninterrupted policy-enforced access to private applications, even when the Zscaler cloud is unreachable. Private Cloud Controllers perform the following critical functions:
- Continuously syncs policies and configurations in real time: Any changes made in the ZPA Admin Portal are pushed immediately to Private Cloud Controllers.
- Redirects users for authentication in Business Continuity: Becomes the authentication endpoint for users in Business Continuity, redirects users to the identity provider (IdP), and verifies SAML assertions.
- Redirects users to ZPA Private Service Edges based on load: Maintains the load table of all ZPA Private Service Edges and redirects users closest to the least loaded ZPA Private Service Edges for optimum performance.
- Enrolls new users: Allows new users (never enrolled in ZPA) to authenticate and redirects them to ZPA Private Service Edges.
- Enables App Connectors and Private Service Edges to download configurations: Ensures that App Connectors and ZPA Private Service Edges have the latest policies and configuration.
- Streams logs directly to SIEM: All logs are streamed directly to your SIEM in case of outage detection, ensuring you have visibility into user activity, App Connector status, and ZPA Private Service Edge status in Business Continuity.
Highlights
- Zscaler Private Cloud Controllers: Zscaler Private Cloud Controllers function as the brains of the operation, along with Private Service Edges, to deliver uninterrupted policy-enforced access to private applications, even when the Zscaler cloud is unreachable.
- Zscaler Client Connector: Installed on your users' devices, Zscaler Client Connector connects to the ZPA cloud to enable granular, policy-based access to your organization's internal resources.
- Global Zscaler Cloud: Stitches all components together. The Central Authority (CA) provides a central location for software updates as well as policy and configuration settings. The ZPA Public Service Edges or ZPA Private Service Edges enforce user policies and provide secure transport to the App Connectors.
Details
Sold by
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
Rhel 9
Deployed on AWS
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing and entitlements for this product are managed through an external billing relationship between you and the vendor. You activate the product by supplying a license purchased outside of AWS Marketplace, while AWS provides the infrastructure required to launch the product. AWS Subscriptions have no end date and may be canceled any time. However, the cancellation won't affect the status of the external license.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Vendor refund policy
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
For Release notes pleae access this link: https://help.zscaler.com/zpa/release-notes/zpa-private-cloud-controller-release-notesÂ
Additional details
Usage instructions
In order to acquire a license key for this product, please contact us via our web form here: https://www.zscaler.com/company/contact .
Once complete, you may access the User Interface of the Zscaler Cloud Portal by accessing this link here: https://admin.zscaler.net/Â . If not completed prior, you will be promoted to create an Admin account for your Zscaler Cloud Portal.
Utilizing the login you created, you may now utilize the Zscaler Cloud Portal to access your Zscaler management console where you will be able to manage and deploy new products on AWS, or other locations.
For ZPA Private Cloud Controller AWS Deployment see the below: https://help.zscaler.com/zpa/private-cloud-controller-deployment-guide-linuxÂ
Update the Security Group associated to the Private Cloud Controller to temporarily allow inbound access on port 22, then complete the following steps to connect to the instance.
SSH access is required in order to configure the provisioning key for the Private Cloud Controller. See instructions: https://help.zscaler.com/zpa/private-cloud-controller-deployment-guide-linuxÂ
Log in to the Private Cloud Controller console using your AWS Private Key (i.e., a .pem file).
SSH access is enabled by default on AWS Private Cloud Controllers, so there is no need to enable the service manually.
Using a standard SSH client, enter the following command to connect to the AWS instance: ssh -i <AWS Private Key> admin@<Private Cloud Controller Public Hostname or IP Address>
For example, the private key for the AWS instance is AWS.pem and the ZPA Private Cloud Controller IP address is 35.160.130.25: ssh -i AWS.pem admin@35.160.130.25
Support
Vendor support
Zscaler global support is available around the clock, with dedicated customer support engineers providing personalized assistance to ensure that customers are getting the most value from our products. Our support engineers have significant experience in networking and security, working closely with operations, sales, and engineering teams to ensure rapid response and resolution.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Zscaler Private Access Service Edge
By Zscaler, Inc.
The ZPA Private Service Edges are brokers that are a single-tenant instance that provide the functionality of a ZPA Public Service Edge in an organization's environment. Your organization hosts them either within your site or on a cloud service, but Zscaler manages them. On the other hand, ZPA Public Service Edges are deployed in Zscaler data centers around the world.
As with a ZPA Public Service Edge, a ZPA Private Service Edge manages the connections between Zscaler Client Connector and App Connectors. It registers with the ZPA Cloud. This allows a ZPA Private Service Edge to download the relevant policies and configurations so it can enforce all ZPA policies. It also caches path selection decisions.
ZPA Private Service Edges can be deployed in several forms. Zscaler distributes images for deployment in enterprise data centers and local private cloud environments such as VMware.
Cloud Security Solutions with Zscaler & Asante Cloud
By Asante Cloud
Discover a comprehensive suite of Zscaler Cloud Security Solutions on AWS Marketplace. Protect your cloud journey with Cloud Connector, Private Access, Internet Access, and more, ensuring secure and compliant access to applications and the internet.
Secure Cloud Foundation powered by Velocity
By Accenture
Secure Cloud Foundation provides a cost effective, scalable solution which streamlines, automates, and expedites build and operation of enterprise class landing zones for both migrated workloads and net-new builds on AWS.
Zscaler Private Access Connector
By Zscaler, Inc.
ZPA Connectors provide the secure authenticated interface between a customer's servers and the Zscaler Private Access cloud.
App Connectors can be deployed in several forms. Zscaler distributes a standard virtual machine (VM) image for deployment in enterprise data centers, local private cloud environments such as VMware, or public cloud environments such as Amazon Web Services (AWS) EC2. Additionally, Zscaler provides packages that can be installed on supported Linux distributions.
Connectors can be co-located with your enterprise applications, or they can be deployed in any location that has connectivity to the applications. Typically, they are deployed on network segments that can access secured applications and the ZPA cloud simultaneously, such as in a DMZ. Connectors only connect outbound; they do not need any inbound open ports to operate correctly.
Zscaler Cloud Connector
By Zscaler, Inc.
Enabled by the Zscaler Zero Trust Exchange (ZTE), Zscaler Cloud Connector is a virtual machine (VM) that simplifies traffic forwarding to Zscaler services. It extends the capabilities of Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) to cloud-native workloads, which allows enterprises to secure cloud workload communications over any network.
The ZTE enables workloads to communicate with each other and have a granular security policy applied. The communication may be from private workloads (i.e., IaaS, physical data center) to public workloads (i.e., SaaS/internet), or between private workloads (i.e., IaaS to IaaS, IaaS to physical data center).
Zscaler Incident Receiver
By Zscaler, Inc.
The Zscaler Incident Receiver is a tool to securely receive DLP policy violation details via ICAP. It can run on an AWS EC2 instance, an Azure VM, or on-premises to integrate seamlessly with Zscaler services.
Customer reviews
No customer reviews yet
Be the first to review this product . We've partnered with PeerSpot to gather customer feedback. You can share your experience by writing or recording a review, or scheduling a call with a PeerSpot analyst.