Google Cloud Virtual Private Cloud has a network of 27 regions and 200+ countries and territories, boasting little to no downtime for its users. It is automatically configured or can be done by the user and allows you to bring your own IP addresses to reduce downtime caused by migration.
$0
per ingress traffic
Zscaler Private Access
Score 9.2 out of 10
N/A
Zscaler Private Access™ (ZPA) gives users secure access to private apps and OT devices while enabling zero trust connectivity for workloads.
N/A
Pricing
Google Cloud Virtual Private Cloud (VPC)
Zscaler Private Access
Editions & Modules
egress traffic
$0 - 0.15
per GB
ingress traffic
$0
based on services that process ingress traffic: Load Balancers, Cloud NAT, Protocol forwarding.
Premium Tier (egress rates)
$0- $0.23
per month per GB of data delivered
Standard Tier (egress rates)
$0.045, $0.065, $0.085
per month per GB of data delivered: 150-500TB, 10-150TB, 0-10TB
An effective pricing strategy is in place. Google Cloud VPC is the most secure since it runs on a private network and never contacts the public network. Google is well-known for its AI/ML and Kubernetes engines, both of which have a leg up on the competition. Google Cloud VPC's database services are yet to be improved.
Zscaler Private Access works really well in environments setup for FQDNs and where you know what users should/shouldn't be accessing on what ports. You can use Zscaler Private Access to figure out these kinds of features but that doesn't always mean you'll be correct. It also provides a consistent experience for users as they can access their materials anywhere. It also makes the user the last line of defense. If a user's account is compromised then the attacker has access to everything they already did. It doesn't work great in OT environments or Server based environments. Flows have to be initiated from the client and not the server for stuff to behave properly.
Connecting users remotely with a secure connection. I am a service desk agent who works with end users, and if there is an issue due to ZPA, it's most likely due to configuration. A really good service.
Logging, I believe, works well as I troubleshoot end users and can gather extra details for my network admin. IP.zscaler.com, and the debug logs are nice. Additionally, I like how it shows the App policy assigned to the user's machine ECT.
Needs an interface for Support Desk/Help Desk to more easily understand that the problem is a lack of an FQDN or access is not allowed due to policy, not because of a technical shortcoming in ZPA.
Documentation of the BC solution is not well-detailed.
VPC is a difficult concept to grasp and recommendations for configuring it would be helpful in educating the users to make the right choice while using the product in configuring networking for their cloud deployments. Also, the user interface can be intuitively designed so as to suggest templates to perform common configurations with regard to VPC.
The environment feels more secure, and we are seeing that users are adapting to it fast. The fact that we have tools to assist the users with their day-to-day access helps, as we can hand it off to the helpdesk without any escalations to the Network team. It is a work in progress for our agency, but we are seeing the benefits from the solution.
Google VPC and networking infrastructure is very matured and is built later after Amazon VPC. It made sure to address all the limitations faced by amazon VPC. Google Virtual private cloud is across regions while amazon VPC covers only one region but multiple zones. Google VPC is a global resource while AWS is a regional resource.
ZPA is where the bulk of zero-trust access is found. While the functionality for ZIA is excellent, the policy we implement for internet access is more focused on threat prevention and not narrowly scoped access.
We used to get anywhere from 30 to 50 tickets surrounding our previous VPN solution every month. We now average 3-5 tickets regarding remote connectivity, and of those, only 1 or 2 are actual issues with ZPA.
Using ZPA Access Policies, we can now block endpoints that have outdated security software from ever connecting to our environment. This was simply not possible with our previous solution.
Some of our employee base skews older and had a harder time understanding the change from VPN to Zscaler.
There is significantly less downtime with ZPA when compared to other VPN solutions.
