What is Single Scan Multi Action (SSMA)?

Examining how Zscaler processes data for improved efficiency.

What is Single Scan Multi Action (SSMA)?
Photo by Matteo Vistocco / Unsplash
💡
This is part of an on-going series in cybersecurity foundations. Check the cyber 101 article tag index from time to time for more content.

Any time we're implementing security measures in the cloud, there's an extra degree of latency. After all, it takes a certain amount of time for light to travel through glass 😄. So naturally, once data reaches a cloud-based security solution, processing efficiency is absolutely essential. We want that data examined FAST and continue on to wherever it needs to go. Zscaler has a patented approach to address this challenge. They call the processing technique "Single Scan Multi Action" (SSMA).

Instead of processing a data packet in a series of sequential steps (service chains), the SSMA technique allows the Zscaler component to examine the data with multiple inspection engines at the same time. Incoming user data that's received on a cloud gateway (public service edge) is placed in a secure shared memory space which allows all CPUs on that enforcement node to process the data at the same time. Each critical security function (e.g. URL filtering, IPS, DLP, anti-virus, etc) has its own CPU resource to look at the data immediately.

It's a pretty cool technique/idea. For more information on the topic, check out:

A Look into Zscaler’s Cloud Security Kitchen | Zscaler
I recently started working at Zscaler and one of the things that interested me most about Zscaler was their cloud security offering. Offering a Security as a

https://help.zscaler.com/zia/understanding-policy-enforcement