What Is a Multitenant Cloud?
How Does Multitenancy Work?
In a multitenant environment, customers share the same application, operating environment, hardware, and storage mechanism. This is distinct from virtualization, wherein every application runs on a separate virtual machine with its own operating system.
A multitenant cloud is commonly likened to an apartment building—residents have keys to their own separate apartments, but they all share the infrastructure that delivers water and power. The provider (or the landlord, in this example) sets overarching rules and performance expectations for customers (tenants), but the individual customers have private access to their data.
Multitenant Cloud vs. Single-Tenant Cloud
Multitenant architecture refers to hardware or software architecture in which systems, software applications, or data belonging to multiple organizations or individuals are hosted on the same physical hardware. In a single-tenant architecture, meanwhile, the hardware and its resources are exclusively dedicated to one tenant. Let’s compare some of the attributes of these two architectures:
Examples of Multitenant Cloud Architecture
Most commercial public cloud services are based on multitenant clouds, including:
- Email services like Gmail and Outlook
- Streaming services like Netflix and Amazon Prime Video
- CRM software like Salesforce and Oracle NetSuite
Why Does Multitenant Cloud Architecture Matter?
Cloud service providers offer multitenant applications and services as a way to share cloud compute resources, with numerous benefits for the providers and their customers.
Benefits of a Multitenant Cloud
Multitenant clouds take advantage of their underlying architecture to provide:
- Efficiency, flexibility, and scalability: Multitenant cloud infrastructure makes it easy to onboard groups of users because there’s essentially no difference between onboarding 10,000 users from one company and 10 users from 1,000 companies. Where other architectures can suffer outages or slowdowns based on demand, multitenant clouds can easily scale and reallocate resources when and where needed.
- Cost savings: Efficient usage and allocation of resources leads to lower costs. Tenants don’t pay for compute power or storage they may not use, and they need not worry about maintenance, upgrades, or updates to the infrastructure, as those responsibilities fall to the service provider.
- Security: The security benefits of a multitenant cloud are often misunderstood. While it’s true that select industry and government regulations don’t permit shared infrastructure regardless of the security measures in place, a cloud provider with a worldwide footprint can offer far superior protection with a multitenant architecture, able to implement new or updated policies on a global scale across the entire cloud.
What About Hybrid Security Solutions?
Today’s organizations rely heavily on cloud-based apps as well as cloud platforms like Microsoft Azure and Amazon Web Services (AWS). As their transformations mature, many are realizing that it makes more sense to secure their traffic in the cloud rather than continue to depend on their on-premises data security.
On-premises hardware vendors are responding by promoting hybrid solutions in which appliances handle data center security while similar security stacks, housed in cloud environments, handle mobile or branch security. This hybrid strategy complicates, rather than simplifies, enterprise security by offering organizations none of the speed, scale, global visibility, or threat intelligence benefits of a true cloud service—benefits only a global multitenant architecture can provide.
Multitenancy, Security, and Zscaler
Today, everything from your applications to sensitive data and traffic runs or is stored outside your perimeter. It’s likely your users are often outside it, too, and as such, you need to provide consistent, secure access to apps and services wherever your users are, whichever devices they’re using. It’s this very need that gave rise to the secure access service edge (SASE).
Gartner defines SASE as a solution that offers “comprehensive WAN capabilities with comprehensive network security functions (such as SWG, CASB, FWaaS, and ZTNA) to support the dynamic secure access needs of digital enterprises.” True SASE architecture is distributed and globally accessible, providing seamless and secure connectivity, high bandwidth, low latency, and a great user experience anywhere.
The Multitenant Advantage
Some SASE solutions use a dedicated instance per customer, but this limits the solution’s scalability. Moreover, this model relies on a single-tenant architecture with network-based access policies, whereas policies in a SASE model should be based on user access. This often results in:
- Suboptimal user experience because of the need to backhaul traffic from the cloud to the vendor, and only then to the applications users want to access.
- More complex policies that don’t translate well to SASE.
- A patchwork of products or services that are connected only through an overlay user interface, not properly integrated.
The most effective SASE solutions are built from the ground up to be multitenant, with well-developed cloud infrastructures distributed across upwards of 100 data centers worldwide. Multitenant architecture allows users to access any of the SASE provider’s data centers and stay secure, all in an environment that can scale globally on demand for fast-growing organizations.
Zscaler leverages multitenancy to scale, easily scanning every byte of data coming and going—on all ports and protocols, including SSL—without negatively impacting performance or the user experience. The Zscaler cloud is always up to date, and as soon as it detects a new threat anywhere in the world, it sends instant protection to all customers.
Zscaler security controls are built into a unified platform, so they communicate with each other to provide a cohesive picture of all the traffic that’s moving across your network. Through a single interface, you can gain insight into every request—by user, location, and device around the world—in seconds.