Zscaler Cloud IPS enables you to have all threat and alert data in one place. Full user, file and app context is available. Streaming to a SIEM allows further integration into the SOC ecosystem.
The Zscaler Threat Library allows administrators and SOC personnel to drill down on IPS alerts to perform in-depth analysis of threat data within their installation. Search by vulnerability, category or keyword
For more details: https://www.zscaler.com/produc...
Zenith Live, Azure, Carlsberg Group
We primarily use the solution for offering local secure internet access, such as those involving IPsec or GRE tunnels from site to the Zscaler. The security operation people running the policies and activating the different features provide insight into what is going on within the Zscaler solution.
IPS is more geared towards providing users access to the public internet, not those involving typical use cases which are cloud-or-SaaS-based. When it comes to user access to the World Wide Web, combined IDS/IPS does make sense. We provide access for this kind of traffic. This is primarily important for inbound traffic.
The ZPA solution is private access. The focus is not so much on the iPad as on the ZPA. Certain clients have voiced concerns about having a device in the data center and the control plane directly leading to the cloud. They would prefer a solution without the tunnel and without an active device of a cloud provider in their data center, meaning their DMZ, which would require access to the private data center applications from the remote users.
When it comes to scalability, the IPsec could be improved. The GRE tunnel, obviously, supports a high amount and high bandwidth. In contrast, the IPsec still comes with limitations, particularly based on the access gateway side of Zscaler.
We have been using Zscaler Cloud IPS for the past three or four years.
We have not encountered any compalaints of note concerning the stability, but this is also due to us always using the secondary data center, a backup data center. This allows us to go for the second one if the first is not reachable.
We use the Zscaler team and do not directly offer support. We have not required support.
The initial setup is straightforward and easy in comparison with other solutions. We are talking about security, not switching on a TV. Things are not self explanatory and a certain amount of knowledge is required.
Zscaler has so far been solely responsible for all the sales we have done with it, so it would be more suited than us to address any issues concerning the pricing.
I have no knowledge of how much a Cloud IPS portion costs on a monthly or yearly basis.
Secondary backups are a common practice. We, of course, are using Zscaler. As we have an API to their cloud environment, we have it automated there.
I rate Zscaler Cloud IPS as a nine out of ten.
