Microsoft Defender for Cloud Apps vs Zscaler Internet Access comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary
Updated on May 31, 2022

We performed a comparison between Microsoft Defender for Cloud Apps (MDA) and Zscaler Internet Access based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Ease of Deployment: Users of both solutions say that their initial setup is straightforward.
  • Features: Users of both products are happy with their stability and scalability. Microsoft Defender users say that it is easy to use, integrates well with other applications, and has good monitoring features. However, they would like to see better alerting capabilities. Zscaler Internet Access users like its VPN and say that it is very secure and lightweight but that its reporting features need improvement.
  • Pricing: Most Microsoft Defender reviewers feel that it is an expensive product. In contrast, most Zscaler Internet Access users feel that it is reasonably priced.

  • ROI: Reviewers of both solutions report seeing an ROI.
  • Service and Support: Some Microsoft Defender reviewers report being satisfied with the support but others feel there is room for improvement. Zscaler Internet Access users report being satisfied with the support.

Comparison Results: Zscaler Internet Access is the winner in this comparison because it received higher marks than Microsoft Defender in the support and pricing categories.

To learn more, read our detailed Cloud Access Security Brokers (CASB) Report (Updated: November 2022).
657,849 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"You can manage and create policies based on a group of users. It can permit some URLs and block others.""I like the original functionality, which allows for providing secure DNS services.""There is much differentiation within the licensing so if anyone wants DNS security from the DNS security log, we are there already, and if anyone wants to go to a secure internet gateway, that is also available. We can get the integrated cloud DLP license keys. That is a good benefit with Cisco Umbrella. You can get a complete solution in a single licensing.""The most valuable thing is how easy it is to deploy. We did it with 9,000 users at my last job, and it took a week to get to all the endpoints. Doing that without having to physically touch all those endpoints was very simple.""Its simplicity is most valuable. I can install it and get it up and running, and it can be pervasive across my business within a business day. It is pretty simple and straightforward to install and configure. Its remit is reasonably clearly defined. When you look at solutions like Darktrace and Carbon Black, the mission objective isn't as clearly defined. Cisco Umbrella, Sophos Central, or some of the other solutions have a more standardized approach to antivirus, which includes enhanced response from the machine learning or deep learning perspective.""One valuable feature is definitely its simplicity in terms of deployment. It is very easy to integrate it into the environment without any heavy lifting. Users didn't notice that we implemented it. You can start with a very low monitoring mode and start observing what Cisco Umbrella sees.""Cisco Umbrella is such a solution and can be implemented very fast and easy. All that we must do is redirect the DNS registers in their routers, or the active directory service of the enterprise that are going to use in Umbrella services. If you buy the service now, in two hours you are protected by the service because it's very fast to put in service.""Any time someone went off the network, the AnyConnect client had the Umbrella agent built in, and it would realize when their computer connected that they were not on the corporate network. It would monitor and they would have pretty close to the same rules that they had to follow when they were in the office, regarding what kind of website browsing they could do."

More Cisco Umbrella Pros →

"The most valuable feature of Microsoft Defender for Cloud Apps is to stop shadow IT.""On-demand scanning is the most valuable feature. In addition, it's a fairly fluid product. It syncs back to the cloud and provides metrics. It's pretty intelligent.""The solution does not affect a user's workflow.""The feature that helps us in detecting the sensitive information being shared has been very useful. In addition, the feature that allows MCAS to apply policies with SharePoint, Teams, and OneDrive is being used predominantly.""Everything from Microsoft is integrated. You receive regular reports on them all. You can push your reports, logs, and security alerts, which are all integrated. It is crucial that these solutions work natively together to deliver coordinated detection and response across our environment.""In Microsoft Defender for Cloud Apps, there is an option to enable files. Once you enable that, it will give you all the files in your organization and where they are located in the cloud... That feature is very useful for investigation purposes.""It's very easy to install and it includes the Intune portal from Microsoft where I can control all the devices from one place.""We have become more aware of what services our users are using, how often they are using them, and what data is being sent out of the organization and to which services. So, it is really a lot about visibility and helping us make decisions based on that. It drives some of our policy decisions for adding extra security controls."

More Microsoft Defender for Cloud Apps Pros →

"The most valuable features of Zscaler Internet Access are it's on the cloud, high network performance, and the interception of users is very easy.""The solution is scalable and stable.""We enjoy all of the proxy capabilities and the capability to integrate into the SIEM/SOC solution.""Zscaler Internet Access's best feature is the granular policy controls.""For our needs, the cloud-native proxy architecture is a very good solution. We are moving away from on-prem appliances and moving more toward cloud-based solutions. Zscaler is a good fit for our strategy. This architecture helps with cyber threats because we inspect most of the traffic and we can see that a lot of threats are stopped directly in the secure web gateway.""There is no lag in service when accessing the internet.""The protection is most valuable.""Zscaler Internet Access has helped us reduce the time that we spend managing security policies by about four hours a week. We can use this time to focus on other things, especially the IT team."

More Zscaler Internet Access Pros →

Cons
"Having ready-to-go templates with best practices is definitely something that would be an improvement. Deployment, from day one, is something that definitely needs to be improved for Cisco customers.""Cisco Umbrella should introduce an on-premises device.""We faced an issue regarding virtual appliances (VAs) during deployment. They could improve the quality and management of the virtual appliances offered right now. You can't see much because it is a Linux machine, and they have customized it. You don't have any route access to the machine, only seeing limited things in it. When we opened a ticket, they didn't know much about VAs themselves. So, that is where it is lacking right now. I know this will improve in the long run.""If we're trying to deploy it to a Mac through Meraki, it's impossible. The method of deployment for a Mac, and the features available in Meraki, are not compatible at all.""It could be improved by having a local data center and caching, which can provide protection support. I would like to be able to channel my intel and my network traffic to their clouds, and this feature is not available. Advanced protection or any malware file support, which might be required, is not available.""It's a very new product, so it's quite immature at the moment. It can be more user friendly.""In my experience with Umbrella support, sometimes the response times take a bit more time than we would like... sometimes, if you go through email, it can take quite a while to get a response.""Network connectivity was a bit of a challenge at the beginning, but we were able to get the right help from Cisco."

More Cisco Umbrella Cons →

"The integration with macOS operating systems needs to be better.""We would like to get more information from the endpoint. I don't get enough detailed information right now on why something failed. There is not enough visibility.""Currently, reporting is not very straightforward and it needs to be enhanced. Specific reports are not included and you need to run a query, drill down, and then export it and share it. I would love to have reports with more fine-tuning or granularity, and more predefined reports.""Sometimes, we'll get false positive alarms. For example, when a SharePoint path has no file sharing, but there is an external user, it will trigger an alarm that the file has been shared with an external user... the alerting mechanism should be more precise when giving you an alert about what activity has been done with the file...""They should continue integration with all other Microsoft security-related products. The integration with all the other products is still ongoing.""This service would be better if it had a separate license, only for this service, that could be used to track usage.""There are some features, such as user navigation content filtering, that are disabled by default, and it probably makes sense to enable them by default.""I want them to enhance in-session policy."

More Microsoft Defender for Cloud Apps Cons →

"The solution is expensive. They recently revised the pricing and packaging. Some of our existing customers have been asking for alternate solutions for a lower price.""We'd like to have more plugins and integration.""The interface for administration could be better. They should upgrade the management portal.""The performance needs improvement. Some areas create performance issues and, depending on the use cases, require reconfiguration to perform again.""One thing that they could improve is the ability to import rules from other platforms.""They could provide more time for the onboarding the training of an IT person.""In terms of user experience, it could be better.""If they can also integrate with the multi-factor authentication to prompt users to do another, second-factor authentication, that would be ideal."

More Zscaler Internet Access Cons →

Pricing and Cost Advice
  • "There is a subscription cost."
  • "The price could be lower."
  • "The price is quite good."
  • "Pricing depends on the automation requirements of the organization."
  • "It has a reasonable price. It is certainly not as expensive as it used to be. It is in line with other offerings on the market. There are a number of different flavors of Umbrella. They could bring Umbrella SIG down a bit because its price is a little bit high for what it does, but I also understand why its price is high."
  • "Cisco Umbrella is expensive and could be cheaper."
  • "When talking about Cisco solutions in general there pricing model is horrible. For example, you can sell a Meraki-based solution, but if the customer starts shopping around, someone is going to have access to the pricing at a level that you cannot compete because they do not have uniform pricing. Not everybody gets fair pricing. Unless you are one of the real major corporations selling the solution your ability to compete is impossible. Cisco will acknowledge the situation and assure you next time it will be in your favor but it never becomes favorable for you. Cisco is not very good in this regard. However, Umbrella is good."
  • "The licensing fee is paid on a yearly basis."
  • More Cisco Umbrella Pricing and Cost Advice →

  • "Our clients normally use the Microsoft E1 licensing, which is renewed yearly."
  • "The pricing is a little bit high but right now, we are okay with it because of the compatibility with Office 365, Teams, and Azure AD."
  • "I'm not totally involved in the pricing part, but I think its pricing is quite aggressive, and its price is quite similar to Netskope. Netskope has separate licensing fees or additional charges if you want to monitor certain SaaS services, whereas, with MCAS, you get 5,000 applications with their Office 365. It is all bundled, and there's no cost for using that. You only have the operational costs. In the country I am in, it is a bit difficult to get people with the required skill sets."
  • "Its pricing is on the higher side. Its price is definitely very high for a small-scale company. As an enterprise client, we do get benefits from Microsoft. We get a discounted price because of the number of users we have in our company. We have a premier package, and with that, we do get a lot of discounts. There are no additional costs. It only comes in the top-tier packages. Generally, the top-tier license is the best license that you can get for your organization. If you want, you can buy it separately, but that's not a good idea."
  • "The price could be better and should be reconsidered."
  • "It is a little bit expensive. When you want to have the complete package with Office 365, Defender, and everything else, it is expensive."
  • "We are an MST and we do not pay for the solution. However, the price of the solution could be better."
  • "The cost could be improved when you need to pay for anything. For example, refreshing files takes time to load, though it may be my Internet. To improve the refresh time, Microsoft says that we need to pay for a Premium license, and I don't like paying for things that help make a solution better."
  • More Microsoft Defender for Cloud Apps Pricing and Cost Advice →

  • "The pricing is fair based on its competitive market."
  • "The price is competitive. It's not cheap and it's not expensive."
  • "The pricing for Zscaler Internet Access could be made cheaper."
  • "The price of Zscaler Internet Access should improve, it is expensive."
  • "We have found the solution to be expensive."
  • "Licenses are available on a per-host basis. Some features like sandboxing require an additional fee, but most standard features are included in the license."
  • "We pay around 6,500 INR per user per year, which is very expensive. I would rate Zscaler's pricing one out of five."
  • "Because it's a cloud solution, we pay on a yearly basis. It is affordable and includes tech support and all features."
  • More Zscaler Internet Access Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Cloud Access Security Brokers (CASB) solutions are best for your needs.
    657,849 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: Cisco Umbrella and Zscaler Internet Access are two broad-spectrum Internet security solutions that I have tried.… more »
    Top Answer:Cisco Umbrella is an integral component of the Cisco SASE architecture. It integrates security in a single, cloud-native… more »
    Top Answer:The single-pane-of-glass management is really important. In today's era, administration costs and operational expenses… more »
    Top Answer:In Microsoft Defender for Cloud Apps, there is an option to enable files. Once you enable that, it will give you all the… more »
    Top Answer:The E5 license offers everything bundled. People are moving to Microsoft because you buy one license and it gives you… more »
    Top Answer:The visibility it provides is quite good. You get all the logs for investigation purposes. But there should be more… more »
    Top Answer:We researched Netskope but ultimately chose Zscaler. Netskope is a cloud access security broker that helps identify… more »
    Top Answer:There is no lag in service when accessing the internet.
    Top Answer:The solution is quite expensive. It's around double what others are offering. The price we pay includes everything. It… more »
    Comparisons
    Also Known As
    OpenDNS
    MS Cloud App Security, Microsoft Cloud App Security
    ZIA
    Learn More
    Overview

    Cisco Umbrella offers flexible, cloud-delivered security according to users’ requirements Cisco Umbrella includes secure web gateway, firewall, and cloud access security broker (CASB) functionality all delivered from a single cloud security service. Cisco Umbrella’s protection is extended to devices, remote users, and distributed locations anywhere. As company employees work from many locations and devices, Cisco Umbrella is the easiest way to effectively protect users everywhere in minutes.

    Cisco Umbrella uses machine learning to search for, identify, and even predict malicious domains. By learning from internet activity patterns, this DNS-layer security solution can automatically identify attacker infrastructure being staged for the next threat. These domains are then proactively blocked, protecting networks from potential compromise. Cisco Umbrella analyzes terabytes of data in real time across all markets, geographies, and protocols.

    Cisco Umbrella works with leading IT companies to integrate its security enforcement and intelligence. Built with a bidirectional API, Cisco Umbrella makes it easy to extend protection from on-premises security appliances to cloud controlled devices and sites.

    Cisco Umbrella is suitable for small businesses without dedicated security professionals, as well as for multinational enterprises with complex environments.

    Why use Cisco Umbrella?

    • Simplify security management: Cisco Umbrella is the fastest and easiest way to protect all users within minutes and reduces the number of infections and alerts sent from other security products by stopping threats at the earliest point. With no hardware to install and no software to manually update, ongoing management is simple

    • Reliable reporting: Cisco Umbrella reports show activity for each device or network in the system. Users gain a more complete picture of the security risks facing their organization and can take action to remedy them.

    • Manage and control cloud apps: Umbrella provides visibility into sanctioned and unsanctioned cloud services in use across the enterprise. Users can uncover new services being used, see who is using them, identify potential risk, and block specific applications easily.

    Reviews from Real Users

    Cisco Umbrella stands out among its competitors for a number of reasons. Some of the major ones are its DNS-based protection, ability to protect users no matter where they are located, stability, and high performance.

    Daniel B., a network specialist at Syswind Kft, writes, “We primarily use the solution as cloud security for our branches. It protects us from direct internet outbreaks. It makes for good flexibility. The solution is very easy to manage. We found the initial setup, for example, to be quite simple. Efficient protection on the DNS level and even higher. The sandboxing feature analyses and handles the complicated security risks.”

    Victor M., SOC & Security Services Director at BEST, notes, “It provides security for the remote workers and it helps to improve enterprise security in a very easy way. We mainly enjoy web software protection capabilities. It prevents the end-users from getting into bad sites or sites that potentially could have malware or could be phishing. It helps end-users avoid the wrong sites. The solution works very smoothly. The user interface is good.”

    Microsoft Defender for Cloud Apps is a cloud access security broker (CASB) that provides multifunction visibility, control over data travel, and sophisticated analytics. With Microsoft Cloud App Security, you can: 

    - Manage, control, and audit apps to streamline cloud access security

    - Mange your access to resources to discover shadow IT and understand your digital information estate

    - Use real-time controls to enable threat protection on all the access points that touch your environment

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    Zscaler Internet Access is a cloud-native security service edge (SSE) platform. Its main purpose is to provide AI-powered protection for all users, all applications, and all locations. The solution replaces other legacy network security solutions to stop advanced attacks and prevent data loss by using a comprehensive zero trust approach.

    Zscaler Internet Access Features

    Zscaler Internet Access has many valuable key features. Some of the most useful ones include:

    • Proxy (native SSL)
    • IPS and advanced protection
    • Cloud sandbox
    • DNS security
    • Cloud firewall
    • URL filtering
    • Bandwidth control
    • DNS filtering
    • Cloud DLP w/EDM and IDM
    • Cloud access security broker (CASB)
    • Cloud security posture management (CSPM)
    • CloudBrowser isolation
    • Cloud secure web gateway (SWG)
    • Zero trust network access (ZTNA)
    • Digital experience monitoring

    Zscaler Internet Access Benefits

    There are several benefits to implementing Zscaler Internet Access. Some of the biggest advantages the solution offers include:

    • Fast access with zero infrastructure: Zscaler Internet Access creates a fast, seamless user experience because of its direct-to-cloud architecture. With no infrastructure, Zscaler Internet Access helps you eliminate backhauling, which improves performance and simplifies network administration.
    • Threat intelligence: By using threat intelligence, Zscaler Internet Access can stop ransomware, zero-day malware, and advanced attacks via Inline inspection of all internet traffic, including SSL decryption, and a suite of AI-powered cloud security services. 
    • Consistent security: With Zscaler Internet Access, your security policy goes everywhere your users go. When you move security to the cloud, all users, applications, devices, and locations remain protected and secure based on identity and context.
    • Hybrid workforce: Zscaler Internet Access enables secure access to all external and internal apps from anywhere, so remote work is not an issue. You can also enforce business policies that follow the user, making security identical regardless of location.

    Reviews from Real Users

    Below are some reviews and helpful feedback written by Zscaler Internet Access users.

    A Service Manager at a construction company says, "There are a bunch of different capabilities that are valuable within the platform. We use quite a lot of them, but not everything. The ones that are most important to us are the URL Filtering and the application control. For our needs, the cloud-native proxy architecture is a very good solution. This architecture helps with cyber threats because we inspect most of the traffic and we can see that a lot of threats are stopped directly in the secure web gateway."

    Owen N., Security Architect at Claro Enterprise Solutions, explains that the solution’s most valuable features include “The integration of the gateway that inspects all ports and protocols. So, there is threat prevention; The cloud sandbox; VNS security; Access control that will protect URL filtering and the cloud firewall; Data protection that will protect your gateway, like your CASB or your cloud DLP; The capabilities of this will point your traffic to Zscaler Cloud.”

    An Architecture Senior Manager at an insurance company mentions, "The data loss prevention feature is the most valuable. It stops our users from inadvertently leaking our customers' data to the Internet or anywhere else it shouldn't go." He also adds, “The solution provides quick access to cloud services, securing our data and allowing us to inspect all our traffic.”

    Offer
    Learn more about Cisco Umbrella
    Learn more about Microsoft Defender for Cloud Apps
    Learn more about Zscaler Internet Access
    Sample Customers
    Chart Industries, City of Aspen, Eastern Mountain Sports, FLEXcon, George Washington University, Jackson Municipal Airport Authority, Ohio Public Library Information Network, PTC, Richland Community College, Smart Motors, Tulane University, VeriClaim
    Customers for Microsoft Defender for Cloud Apps include Accenture, St. Luke’s University Health Network, Ansell, and Nakilat.
    Ulster-Greene ARC, BanRegio, HDFC, Ralcorp Holdings Inc., British American Tobacco, Med America Billing Services Inc., Lanco Group, Aquafil, Telefonica, Swisscom, Brigade Group
    Top Industries
    REVIEWERS
    Financial Services Firm16%
    Educational Organization9%
    Comms Service Provider9%
    Computer Software Company7%
    VISITORS READING REVIEWS
    Computer Software Company21%
    Comms Service Provider14%
    Financial Services Firm8%
    Government6%
    REVIEWERS
    Educational Organization38%
    Government13%
    Financial Services Firm13%
    Engineering Company13%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Comms Service Provider11%
    Financial Services Firm11%
    Government7%
    REVIEWERS
    Comms Service Provider25%
    Computer Software Company15%
    Financial Services Firm10%
    Manufacturing Company10%
    VISITORS READING REVIEWS
    Computer Software Company21%
    Comms Service Provider14%
    Financial Services Firm9%
    Manufacturing Company7%
    Company Size
    REVIEWERS
    Small Business39%
    Midsize Enterprise25%
    Large Enterprise36%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise15%
    Large Enterprise64%
    REVIEWERS
    Small Business23%
    Midsize Enterprise32%
    Large Enterprise45%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise14%
    Large Enterprise66%
    REVIEWERS
    Small Business31%
    Midsize Enterprise10%
    Large Enterprise59%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise14%
    Large Enterprise66%
    Buyer's Guide
    Cloud Access Security Brokers (CASB)
    November 2022
    Find out what your peers are saying about Cisco, Microsoft, Netskope and others in Cloud Access Security Brokers (CASB). Updated: November 2022.
    657,849 professionals have used our research since 2012.

    Microsoft Defender for Cloud Apps is ranked 2nd in Cloud Access Security Brokers (CASB) with 18 reviews while Zscaler Internet Access is ranked 2nd in Secure Web Gateways (SWG) with 23 reviews. Microsoft Defender for Cloud Apps is rated 8.4, while Zscaler Internet Access is rated 8.6. The top reviewer of Microsoft Defender for Cloud Apps writes "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need". On the other hand, the top reviewer of Zscaler Internet Access writes " AI decision-making on quarantined documents reduces manual work". Microsoft Defender for Cloud Apps is most compared with Netskope CASB, Qualys VM, Prisma SaaS by Palo Alto Networks, Skyhigh Security and Infoblox Advanced DNS Protection, whereas Zscaler Internet Access is most compared with Netskope CASB, Forcepoint Secure Web Gateway, Palo Alto Networks WildFire, Appgate SDP and Prisma SaaS by Palo Alto Networks.

    We monitor all Cloud Access Security Brokers (CASB) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.