Zscaler CEO Jay Chaudhry: ‘Don’t Do Network Security’

While firewalls and VPNs served their purpose in the past, the recent flood of network compromises and availability of zero-trust security approaches means that ‘network security architecture is irrelevant,’ Chaudhry tells CRN.

https://youtu.be/K9v1ZaOx1rY


The recent onslaught of cyberattacks exploiting network firewalls and VPNs is increasing the urgency around moving to a modern security architecture based on zero-trust security principles, Zscaler Founder and CEO Jay Chaudhry said Monday.

Firewalls and VPNs “have lived a useful life,” Chaudhry said in response to questions from CRN editors during the 2025 XChange Best of Breed Conference. But without a doubt, recent incidents such as the exploitation of zero-day Cisco firewall vulnerabilities have shown that such technologies are no longer fulfilling their core mission of increasing security, he said.

[Related: Zscaler CEO Jay Chaudhry: Firewall Vendors ‘Can’t Really Do Cost Reduction’]

The flaws impacting Cisco Adaptive Security Appliance devices prompted a rare “emergency directive” from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) in September, while one of the prior directives of this sort from CISA involved VPNs from Ivanti in 2024, Chaudhry noted.

Ultimately, if network security devices have themselves become the weak link on cybersecurity, then “having the network security architecture is irrelevant,” Chaudhry said during the conference, hosted by CRN parent The Channel Company in Atlanta. “I like to say, ‘Don’t do network security.’”

What’s actually most important in today’s IT environment is securing the flows of data between applications, servers and endpoints, Chaudhry said.

That’s what zero-trust security architecture can offer by only allowing the connections between systems and devices that are necessary and validated, he said.

It’s about moving “away from network security to focusing on securing the data,” Chaudhry said. “The right entity talking to the right entity is what we need.”

There’s no question that when so many of an organization’s users and applications are no longer located within their physical offices, relying on network-based edge systems for security is increasingly an outdated idea, according to Manak Ahluwalia, president and CEO of Aqueduct Technologies, a Zscaler partner based in Canton, Mass.

“The traditional way of doing it is probably not even viable anymore,” Ahluwalia said.

https://www.youtube.com/watch?v=rj9EDEibMro

‘De Facto Standard’

By contrast, Chaudhry’s long-held vision for moving from traditional network security to a zero-trust architecture is proving to be the right approach, Ahluwalia told CRN.

“I think the fact that Zscaler natively built their entire platform to already be in the cloud — and really be what I’d call a universal gateway between users, applications, data, public cloud — is huge,” he said.

In the process, “they’ve created a pretty significant niche for themselves in the marketplace, and they’ve been pretty channel-friendly to work with,” Ahluwalia said. In many ways, Zscaler has become the “de facto standard” for SSE as a result, he said.

One major reason for Zscaler’s ascendancy in the segment is that the vendor found a way to dramatically simplify technologies such as zero-trust network access (ZTNA), which were seen as promising but proved exceedingly difficult to deploy in practice, according to Chandler Bassett, vice president of solutions and strategy at Aqueduct, No. 314 on CRN’s Solution Provider 500 for 2025.

With the help of its channel partners such as Aqueduct, Zscaler “created an easy button for ZTNA for a lot of organizations that knew they wanted to get there, but were saddled with years of tech debt,” Bassett said.

‘Foundational Change’

Going forward, Zscaler plans to continue expanding its “zero trust everywhere” approach with a major focus on securing AI agents, which will need access to a wide array of data sources and systems to be useful, Chaudhry said.

“We’ve done this [securely] for users,” he said. “It’s natural for us to extend it for agents.”

Ultimately, adopting a zero-trust posture is “the foundational change in how things are done” that the industry needs to slow the breakneck pace of network compromises, Chaudhry said. “If we adopt zero trust, probably 80 percent of the issues will go away.”