What are the high-level layers of Zscaler architecture?

A quick intro to the 3 logical layers of Zscaler architecture.

This is part of an ongoing series on cybersecurity foundations. Check the cyber 101 article tag index from time to time for more content.

Zscaler is a very popular solution in the cybersecurity industry. Over the next few weeks, I'll be delving into more details and topics related to it. As a starting point though, I want to introduce the basic architecture. Let's chat about the distinct logical layers (or "planes") that make up the core platform.

Zscaler's architecture consists of three planes:

  • Control Plane - This is the portion of the Zscaler infrastructure that handles administrator functions (often referred to as "Central Authority"). Think of it as the brains of the operation. It handles things like policy development, configuration, and general administration.
  • Enforcement Plane - This is sometimes referred to as a "data" plane and contains the infrastructure that processes user data/traffic. It's the part of the environment that does the actual work on user traffic (per admin specifications).
  • Logging Plane - This is the area of the infrastructure that handles storage for logging/records. To be clear and explicit: logs are not written to disk at the enforcement plane level. Instead, the logs are compressed, tokenized, and exported from the enforcement plane to infrastructure at the logging plane.

For more information, check out the following resources:

https://help.zscaler.com/zia/understanding-zscaler-cloud-architecture

https://help.zscaler.com/zpa/understanding-zpa-cloud-architecture