Zscaler Zero Trust Exchange Platform Reviews

The security issues one faces with legacy VPN solutions are addressed using a SaaS VPN platform. If an organization wants to implement a zero-trust network architecture, then a SaaS VPN platform is the way to go about it.

The most valuable features of Zscaler Private Access are its ability to integrate with multiple IDPs and application segmentation.

More on-prem infrastructure is required when Zscaler Private Access is to be implemented as a single point of entry.

Since the whole concept of app segmentation is license based, making the app segmentation extremely granular becomes very expensive for an organization. As a result, not all organizations would adopt a granular approach for rolling out their Zscaler Private Access solution. So the entire approach must be seen differently, not the standard license-based approach. As an organization, if I want to make the access for my employees more granular, then it means that I will have to buy more licenses. Organizations with 10,000 to 20,000 applications, including their business partners also connecting to their applications, would need to invest a lot of money into making it granular. Okay. That kind of investment may not be viable for every organization to make, which could limit the use of Zscaler Private Access.

I have been using Zscaler Private Access for about two and a half years.

I rate Zscaler Private Access a nine out of ten for stability.

I rate Zscaler Private Access a ten out of ten for scalability. Zscaler Private Access can be used for more than 2,00,000 users.

Zscaler tells you right at the front that the implementation needs to be taken up by Zscaler-certified people. It does require a good amount of knowledge of the platform. Other options are available where Zscaler makes professional services and resident engineers available. So Zscaler Private Access is a complicated solution, but they facilitate much of that implementation. I rate Zscaler Private Access a seven out of ten for ease of initial setup.

Zscaler Private Access's deployment depends on how much time an organization spends preparing for the solution's implementation. If you have a checklist prepared beforehand, you can deploy the solution in probably one and a half or two months. But if you start deploying it and then start making the necessary preparations for the change, it could easily take more than a year for a large organization.

To deploy Zscaler Private Access, you need to follow a full-fledged project management process. This process includes requirement definitions, coming up with a high-level design document, preparing your project plan, coming up with a low-level design document, going into a pilot phase, and then the production rollout.

Zscaler Private Access is extremely expensive. I rate Zscaler Private Access an eight out of ten for pricing.

Zscaler Private Access has its own data centers and its own private cloud.

Overall, I rate Zscaler Private Access a seven out of ten.

I use Zscaler CASB to get the visibility of the cloud application since everything is moving to the cloud these days. We use the solution to get complete visibility of what is happening on my drive and official applications. The solution also helps to restrict information shared with my other partners.

Zscaler CASB's latency and architecture are excellent.

Zscaler CASB needs to improve its applications or connectors. The solution's granularity should be improved because it has limited granular options to control, visible, allow, block, delay, and receive.

I have been using Zscaler CASB for one year.

Zscaler CASB is a stable solution.

Zscaler CASB is a scalable solution because it is a cloud-based solution. Around 30% of the industry people are using Zscaler CASB.

Zscaler CASB's technical support is good. The solution's support team is available, but they don't have much visibility of what is happening and take too much time to resolve it.

Positive

Zscaler CASB's initial setup is easy.

As per industry leads, Zscaler CASB is an expensive solution.

Zscaler CASB is deployed on-cloud in our organization.

I would recommend Zscaler CASB to other users. Zscaler CASB has a seamless deployment. The solution needs to improve on the navigation or user experience part.

Overall, I rate Zscaler CASB an eight out of ten.

We use the solution to restrict uploading over public sites. We control the users’ actions through DLP. Only users who have access can upload files. We manage multiple policies.

The policies are very easy to implement. It's very easy to understand. We have the option to assign time limits to the access we provide. For example, we can implement a policy for one year for a particular user. Once it expires, we can disable it.

We have some limitations while checking logs. The product must allow users to check logs for an entire year in the local console. Currently, we can check logs only for the previous three to four months.

Forcepoint provides multiple services separately, but Zscaler does not provide separate DLP. It will be good if Zscaler provides the DLP module separately.

I have been using the solution for the last two years.

I rate the tool’s stability a ten out of ten.

The tool is very scalable. I rate the scalability a ten out of ten. Approximately 5,200 people are using the solution in our organization.

We are also using Forcepoint.

The initial setup is very easy.

The product is a little more expensive than other tools.

We do not face any challenges with the product. If we have any problems, the vendor helps us. The product is everywhere. Everyone is using it. It's very, very flexible. It provides a single solution for multiple modules like DLP, proxy, and firewall. Overall, I rate the tool a ten out of ten.

We use Zscaler Private Access to authenticate our applications, which provides a more secure way to access the Internet from our work environment. We have multiple policies for different types of users. When new users join the company, they authenticate the VPA application to access the Internet. We use SSL bypass policies, tenant restrictions policies, and Microsoft tenant cloud application policies. We also use File Type Control Policy for all categories of files, and our traffic goes to the WAPAC file and the application. We are using services as per the requirements of our clients.

The most valuable features are the File Type Control and SSL bypass policies. We have multiple options, such as very flexible policies and modules in Zscaler. We will define them based on our requirements and the active Internet. We also have geolocation users. For example, a user from Singapore moves to Dubai. When the user tries to access the Internet, Zscaler automatically detects the geolocation and drives our traffic to the other channel. There is no issue here. 

When using a Blue Coat, we have some problems. Sometimes, some of our users have some issues, but once we update the agent, the traffic goes to the current geolocation without any problems, and they can access it. Sometimes, we have some URL categories blocked in our environment, but HPE sometimes removes the block. We request that the vendor to remove the block from the correct URL category. They provide a suitable solution based on the findings.

There is some issue while accessing the portal. It takes too long. It will take longer if I am on the URL Cloud App category and switch to other tabs.

I have been using Zscaler Private Access for five years.

If something happens, they have integration and they send notifications. I rate the solution’s stability a ten out of ten.

If I need to switch the policy to another task, the solution takes time. I rate the solution’s scalability a nine out of ten.

Compared to other proxies, such as Glook and IronPort, Zscaler Private Access is very easy to handle.

The initial setup is easy. You need to configure the proxy tool for the network configuration. They can forward multiple services based on the client's requirements. If we need to use the VPA, we need to authenticate. It takes one day to implement the solution, but for smooth running, it takes around a month because of timely revision.

The solution is expensive.

The categorization issue is dependent on the end user. For example, if I am trying to access a categorized URL but need to access it for work, I should be able to request a change to the categorization. Forcepoint can change the categorization itself, or the client team can do it for me. This is enough to change the categorization to meet the requirements. Overall, I rate the solution a ten out of ten.

We are currently using Zscaler Cloud DLP internally and it provides us with a robust and highly configurable Data Loss prevention engine, which meets our specific data handling needs.

We experienced many benefits, including improved visibility and the ability to identify vulnerabilities in existing configurations. Its impressive scalability allows the combination of multiple dictionaries and using them as one engine, resulting in narrower data loss gaps. There are significant enhancements in email and file confidentiality, particularly with integration to MCAS solution, which provides insights into permissions and access control for files stored in OneDrive and SharePoint.

The most valuable features are its robustness and high configurability, particularly in relation to existing DLP dictionaries. The ability to choose and utilize specific dictionaries for various purposes, such as credit card checks or monitoring file permissions and transmissions within the corporate network. The platform allows the administrator to monitor who is sharing files and who has access to them, providing a proactive approach to data security.

The customers would benefit from more robust documentation and conversations around configurations, as it is slightly complex. Also, there should be an option for acquiring DLP as a standalone product rather than bundling it with packages, as this would provide more flexibility for customers who only need specific features. They should also provide more reviews and guidance on selecting the best-rated engines and dictionaries, as well as facilitating reporting for DLP violations and integrations with other cloud storage solutions. 

We have been using it for a year now.

Zscaler sells internet access, not specifically DLP, so we had to build a point of presence for our location in Kenya due to latency issues.

It offers high scalability capabilities.

We faced some issues regarding the business support from them due to the lack of knowledge and understanding of troubleshooting processes, which may be time-consuming. However, after we submitted the tickets, they did provide their support and eventually, solved our issues.

Neutral

We tried a few different solutions, but we opted for Zscaler because we were already using other products from them.

The implementation process was straightforward, with good support and training provided by Zscaler. We found it easy to roll out the cloud connectors and configure policies for DLP. The whole process took about three weeks with the help of three individuals, including myself.

Zscaler DLP solution is expensive, with a fixed pricing structure that is billed annually and monthly. There are no additional costs for licenses.

I would recommend having a clearly defined objective and goal, which would facilitate choosing and implementing the solution effectively. I would rate it nine out of ten.

Zscaler functions as a kind of proxy, but they lack responsiveness when it comes to customer requests. The granularity in blocking is not sufficient. For example, when a new domain is detected, it is automatically blocked for 30 days. If there is no further information, it is added to the trusted list. Attackers are aware of this and take advantage of it. They set up a benign site, get it categorized as safe, and then introduce malicious content afterward. Trying to get the categories reassigned or realigned is a challenge, as Zscaler is not very responsive in addressing such issues. In my experience, compared to BlueCoat, Zscaler falls short in terms of responsiveness.

I'm currently reviewing Zscaler for our organization. We implemented it about two years ago. It's part of our zero-trust architecture initiative. 

However, we need to compare it with NetScout. Zscaler has certain capabilities like SD-WAN, and the proxy is quite good. Although, I had to stop using SD-WAN because it wasn't integrating well with Microsoft or Kaspersky.

It is stable. In my experience of about five years, I have only encountered two problems caused by it. So, I wouldn't rate it a nine out of ten. It's generally stable, with occasional issues.

The scalability is pretty good. I would give it an eight out of ten. However, their responsiveness to customer concerns is not as strong as other vendors I have worked with.

There is definitely an ROI. Before I joined my current company, it was implemented about a year and a half ago, and it significantly reduced noise and improved team visibility. The SOC has always been satisfied with its performance. 

So, I believe there has been a good return on investment compared to my company's previous solution, Fortinet, which wasn't very effective. We are very happy with Zscaler.

When it was implemented, it beat the competition on price according to the two companies I know that have it.

Overall, I would rate the solution a seven out of ten. 

I work for a service provider for a defense customer. We are using Zscaler Private Access to connect to the Internet. This is how we keep our customers protected with the latest inspection of the URLs.

The most valuable feature of Zscaler Private Access is the categorization of the dynamic URLs which keeps the customer's environment protected. The threats and the malware are correctly categorized.

Zscaler Private Access's reporting is poor. We should have more insight into the reports regarding what is blocked and allowed.

I have been using Zscaler Private Access for approximately four years.

I rate the scalability of Zscaler Private Access a ten out of ten.

I rate the support of Zscaler Private Access a five out of ten.

Neutral

There is a lightweight agent on six laptops and the agent reaches out to the SaaS-based cloud.

The process of deployment takes 15 to 30 days.

I rate the initial setup of Zscaler Private Access an eight out of ten.

I rate the ROI from Zscaler Private Access a seven out of ten.

The price is competitive. 

I rate the price of Zscaler Private Access five out of ten.

If the reports were improved the customer would have more insight.

I rate Zscaler Private Access nine out of ten.

We use this solution for traffic and establishing the connection.

It's deployed on-premises.

There are 60,000 people who use Zscaler in my organization.

The best feature is the ability to establish the connection between your public network and automatically connect to the intranet connection.

The stability could be improved.

I have worked with Zscaler Private Access for six months.

I would rate the stability as eight out of ten.

I would rate Zscaler as eight out of ten.