Cloud-Delivered or Appliance-Based VPNs Expose Your Business to Cyberattacks

It's time for a zero trust architecture.
Speak to an expert

Calling a cloud-delivered VPN "zero trust" is misleading. Move from legacy or cloud VPNs to Zscaler.

Zscaler’s cloud native zero trust network access (ZTNA) solution delivers secure, fast access to private apps for all users, from any location.

Secure
Secure

Reduce your attack surface and the risk of lateral threat movement. No more internet-exposed remote access IP addresses—connections are brokered, not routed.

Fast
Fast

Deliver direct access to private apps through the closest of more than 150 points of presence, without backhauling traffic.

Simple
Simple

Easily deploy and enforce simpler, consistent policies across campus and remote users. Leverage our unified agent and support for agentless access.

The Problem

All VPNs enable lateral movement, which can often lead to ransomware attacks.

Prior to its recent emergency directive on Ivanti VPN vulnerabilities, the US Cybersecurity and Infrastructure Security Agency (CISA) had called out numerous other VPN CVEs over the years. Need more proof? Here's what a list of web and ChatGPT queries revealed as the "top VPN vulnerabilities reported by CISA recently".

history-of-common-vulnerabilities-exposures-cve

Vulnerabilities

CVEs

Ivanti Connect Secure (Pulse Connect Secure)

CVE-2024-21893

Ivanti Connect Secure (Pulse Connect Secure)

CVE-2024-21887

Fortinet

CVE-2023-27997

Cisco

CVE-2023-20073

OpenVPN

CVE-2022-0547

Palo Alto Networks GlobalProtect

CVE-2020-2034

Palo Alto Networks GlobalProtect

CVE-2020-2035

SonicWall

CVE-2020-5902

The challenge is that VPNs, whether hosted on-premises or delivered via virtual machines as a cloud access service, do not deliver a zero trust architecture. Rather, they provide network access, which can be exploited in a breach, enabling attackers to travel laterally and compromise high-value assets elsewhere on a network.

The Zscaler difference

Switch to Zscaler for a true zero trust architecture solution

icon-information-access
Secure private app access from anywhere

Connect users to apps, never the network, with AI-powered user-to-app segmentation. Prevent lateral threat movement with inside-out connections.

icon-emergency-access-user
Provide fast app access for all users

Give users direct access to private apps—delivered from 150+ points of presence worldwide—close to your users and apps for low latency. No traffic backhauling.

icon-finance-cost-down
Reduce cost and complexity

Leverage cloud native ZTNA to eliminate the need for VPN infrastructure as well as its hardware and opex costs, and accelerate M&A time-to-value without having to integrate networks.

icon-app-apps
Go beyond private app access

Deploy comprehensive cyberthreat and data protection for private apps with integrated application protection, deception, and data protection.