It's primarily for end-user access to the public internet. We use the proxy functionality and the URL Filtering.
We have a global policy for all our users. While there are a few categories of URLs that we are not allowed to do SSL inspection on, the primary function for us is to do SSL inspection so that we can make use of the built-in anti-malware and antivirus—the advanced-threat features—within the platform. We do SSL inspection of some 80 percent of all the traffic and we can evaluate if it's malicious or not.
It is a cloud solution where pretty much everything is handled by Zscaler.