Zscaler for Google G Suite

SOLUTION BRIEF

Zscaler

for Google G Suite

Deliver a fast and secure user experience the

recommended way

Adopting Google G Suite? The only metric that matters is user satisfaction.

As a critical business platform, Google G Suite can provide tremendous productivity advantages, but only

if IT departments can deliver the best possible user experience. The challenge is that most networks

today are not architected properly to deliver the performance and security needed for cloud and mobility.

Traditional networks were designed with the data center in mind. Backhauling branch oce trac and

mobile users to applications located in the data center made perfect sense. But with SaaS platforms,

such as Google G Suite, these apps have now moved to the cloud, and are no longer in your data center

or behind your gateway security appliances. In addition, your users are increasingly mobile and off

network and no longer behind your security controls. So while your users and apps are off network, why

do you continue to backhaul these connections through costly networking infrastructure and latency-

inducing security appliances? All this quickly leads to a terrible user experience and frustrated users.

For the best user experience, Google recommends direct internet

Zscaler delivers an optimal G Suite customer experience

Today, the Zscaler Cloud Security Platform processes petabytes of application trac every month for more

than 700 customers around the world, and growing. With our G Suite customers, we’ve seen an average

increase in network utilization of 40 percent, and that’s because each user is now generating between 12

and 20 persistent connections. This increase can easily overwhelm rewalls and increase your transport

budget. This is why Google now recommends performing NGFW capacity assessments, WAN latency

assessments, and focusing on on the user experience. Together, Google G Suite and Zscaler can deliver an

optimal user experience while organizations realize the operational and cost benets of G Suite.

Google Recommended

Direct internet connection

Optimal method for best

user experience

Hub-and-spoke network

with centralized proxy

Not recommended as traffic

overwhelms gateway appliances

Google Network best practices for large deployments

SOLUTION BRIEF

The problem with direct internet and appliances for G Suite

Delivering the best G Suite user experience with Zscaler

Hub-and-spoke network with

appliances and direct internet

Zscaler for Google G Suite

Direct internet for a fast and

secure user experience

For best performance, G Suite was built to be accessed securely

and reliably via a direct internet connection. However bypassing

your gateway means bypassing your security. Deploying security

appliances at each branch may seem like an option that can

improve the user experience, but it is expensive to buy, deploy

and maintain.

Challenges with using appliances for direct internet

• Requires appliance capacity assessments to ensure they

can handle the high number of long-lived connections.

• Requires security compromises when budget limits branches

to just UTMs or rewalls for security.

• Hardware limits the ability to scale as user demand

and trac grows.

• Requires local DNS connectivity for fastest performance

As a pioneer in cloud security, the Zscaler Cloud Platform

makes deployment of Google G Suite easy. It provides your

users with a fast G Suite and internet experience via local

internet breakouts, while maintaining the highest level of

security for open internet trac.

Simply point your internet and G Suite trac to the closest

Zscaler data center (there are more than 150 around the world).

There is no hardware to deploy and manage and since trac is

routed locally, you can reduce your MPLS spend.

Zscaler’s Cloud Firewall, which is application- and user-aware

can easily scale to support the massive number of persistent

G Suite connections. Unlike with appliances, making rewall

changes is simple. All you need to do is log in to the admin portal

and, within seconds, your changes are enforced worldwide. Per

Google recommendations, Zscaler can be congured to not

inspect G Suite trac, but does inspect all other internet trac

to keep your users safe and your data protected.

SaaS Open internet

Data Center

HQ LondonNew York

Gateway

SaaS Open internet

Internt

Exhange

Peering

HQ LondonNew York

SOLUTION BRIEF

Controlling and securing your direct internet connetion with Zscaler

With G Suite voice and video apps, such as Talk and Hangouts, Google recommends routing more than

just web trac directly over the internet. By using Zscaler Cloud Firewall, you easily route all required

trac directly to the internet and still provide next-generation rewall capabilities. Zscaler Cloud

Firewall enables full access control across all ports and protocols for all outbound and inbound user

trac. Developed as a security stack as a service, the Zscaler Cloud Platform also enables complete

content and threat inspection on your open internet trac. With multiple security technologies, such as

sandboxing, CASB, DLP and URL ltering, you can restore security back to your direct internet connection

for all your users open internet trac.

Optimize G Suite connectivity with Zscaler and Google peering

The Zscaler Cloud Security Platform spans more than 150 data centers and peers with Google around

the world to deliver connection times that are lighting fast with minimal latency and full elastic scalability.

With the Zscaler Cloud Platform, DNS resolution will always be fast and local, no matter the user location.

Zscaler peering

with G Suite

Peering in most major internet

exchanges with 1-2 ms round

trip time.

Scalable cloud

access controls

Cloud platform can automatically

scale to handle the high number

of long-lived connections.

Never run out of user capacity.

Network path

optimization

Local DNS always delivers a fast

user connection no matter the

connection location.

Prioritize G Suite bandwidth with Zscaler Bandwidth Control

Zscaler provides sophisticated bandwidth management controls, which allow you to guarantee bandwidth for

G Suite trac during periods of contention — as when users are watching recreational, non-critical trac, such as

YouTube. Zscaler gracefully slows the connection – before the last mile – without discarding packets, so a user gets

an uninterrupted experience. The stream is simply downgraded when contention occurs. These controls can also be

applied to large le downloads (such as OS updates) that can often degrade the G Suite video or voice experience.

Why Zscaler for Google G Suite?

Proven deployment model

Best user experience

• Fast path to Google G Suite via local

internet breakouts

• Guarantee bandwidth for G Suite

• Peering with Google in major data centers

Rapid deployment

• No hardware or software to deploy

• No infrastructure upgrades required

• Easily congured to bypass trac inspection

Impressive value

• Reduced MPLS spend

• No appliance upgrades needed

• Simplied management

Real-time visibility

• Immediate visibility into all internet

and G Suite trac for all users in

all locations

About Zscaler

Zscaler (NASDAQ: ZS) accelerates digital transformation so that customers can be more agile,

efficient, resilient, and secure. The Zscaler Zero Trust Exchange protects thousands of customers from

cyberattacks and data loss by securely connecting users, devices, and applications in any location.

Distributed across more than 150 data centers globally, the SASE-based Zero Trust Exchange is the world’s

largest inline cloud security platform. Learn more at zscaler.com or follow us on Twitter @zscaler.

service marks or (ii) trademarks or service marks of Zscaler, Inc. in the United States and/or other countries. Any

other trademarks are the properties of their respective owners.

Zscaler, Inc.

120 Holger Way

San Jose, CA 95134

+1 408.533.0288

www.zscaler.com







 

SOLUTION BRIEF

Learn how Zscaler can help you make a good thing even better

Zscaler can make your G Suite deployment more simple, smooth, and successful, with no appliance

upgrades needed. If you already use the award-winning Zscaler Cloud Security Platform, you can easily

congure Google G Suite use for your installation. Otherwise, contact Zscaler to request a demo and

more information.

Zscaler Internet Access delivers your security stack as a service from the cloud,

eliminating the cost and complexity of traditional secure web gateway approaches.

Zscaler Internet Access

ACCESS CONTROL

URL FILTERING

CLOUD FIREWALL

BANDWIDTH CONTROL

DNS FILTERING

THREAT PREVENTION

ADVANCED PROTECTION

CLOUD SANDBOX

ANTIVIRUS

DNS SECURITY

DATA PROTECTION

DATA LOSS PREVENTION

FILE TYPE CONTROLS

CLOUD APPS (CASB)

Zscaler Multi-Tenant Cloud Security Platform

Used as the foundation for Google G Suite direct internet connections, Zscaler Internet

Access delivers the full security stack as a service from the cloud. By integrating security

services within a multi-tenant, scalable cloud platform, enterprises can eliminate the cost,

complexity and performance challenges of traditional centralized gateway approaches.