Zscaler Zero Trust Exchange Platform Reviews

The security issues one faces with legacy VPN solutions are addressed using a SaaS VPN platform. If an organization wants to implement a zero-trust network architecture, then a SaaS VPN platform is the way to go about it.

The most valuable features of Zscaler Private Access are its ability to integrate with multiple IDPs and application segmentation.

More on-prem infrastructure is required when Zscaler Private Access is to be implemented as a single point of entry.

Since the whole concept of app segmentation is license based, making the app segmentation extremely granular becomes very expensive for an organization. As a result, not all organizations would adopt a granular approach for rolling out their Zscaler Private Access solution. So the entire approach must be seen differently, not the standard license-based approach. As an organization, if I want to make the access for my employees more granular, then it means that I will have to buy more licenses. Organizations with 10,000 to 20,000 applications, including their business partners also connecting to their applications, would need to invest a lot of money into making it granular. Okay. That kind of investment may not be viable for every organization to make, which could limit the use of Zscaler Private Access.

I have been using Zscaler Private Access for about two and a half years.

I rate Zscaler Private Access a nine out of ten for stability.

I rate Zscaler Private Access a ten out of ten for scalability. Zscaler Private Access can be used for more than 2,00,000 users.

Zscaler tells you right at the front that the implementation needs to be taken up by Zscaler-certified people. It does require a good amount of knowledge of the platform. Other options are available where Zscaler makes professional services and resident engineers available. So Zscaler Private Access is a complicated solution, but they facilitate much of that implementation. I rate Zscaler Private Access a seven out of ten for ease of initial setup.

Zscaler Private Access's deployment depends on how much time an organization spends preparing for the solution's implementation. If you have a checklist prepared beforehand, you can deploy the solution in probably one and a half or two months. But if you start deploying it and then start making the necessary preparations for the change, it could easily take more than a year for a large organization.

To deploy Zscaler Private Access, you need to follow a full-fledged project management process. This process includes requirement definitions, coming up with a high-level design document, preparing your project plan, coming up with a low-level design document, going into a pilot phase, and then the production rollout.

Zscaler Private Access is extremely expensive. I rate Zscaler Private Access an eight out of ten for pricing.

Zscaler Private Access has its own data centers and its own private cloud.

Overall, I rate Zscaler Private Access a seven out of ten.

We've so far recommended the solution in one or two engagements.

We work with customers who have various businesses like banking, finance, travel, et cetera, where we do a solution for them, a security solution for them. We are an IT service consultant company.

We generally use that product for the proxy setup, for URL dealing and blacklist blocking, and all that stuff. When the customer has a requirement where their workforce is very mobile or if they're on-premise and moving the workforce, we do recommend the Zscaler product.

There are also other cases. We extend other modules like CASB or another setup, where we say they can access the public cloud or send some data against the policy.

Scanning the internet traffic for any malware, et cetera, is quite useful. That is the primary use case. 

It is straightforward to set up.

The solution is stable.

It's scalable.

We would like to extend the SASE applications for Zscaler. We'd like to see more work in the area. In our understanding of it, SASE features are very helpful in extending to various other applications like CASB, DLP, et cetera, ensuring the network can be set up to be very agile. SASE adoption is a very prime focus for most customers due to its benefits.

We've dealt with the solution for a year and a half. 

For our use cases, we have found the solution to be reliable and stable. I haven't dealt with crashes or it freezing. There are no bugs or glitches. 

The solution is scalable. It's cloud-based, making it scalable and agile. It's great if companies are going through mergers and acquisitions. 

I've never reached out to technical support.

Before Zscaler, we used to use a lot of other products, however, when we were introduced to Zscaler we became confident it could meet the use cases. Due to its cloud features and cloud-based proxy, unless the customer has very specific use cases that don't include the cloud, it's one of the best products. 

The solution is straightforward to set up. There may be certain use cases where it may be more complex; however, largely, it is easy.

How long it takes to deploy depends on how the workforce is enabled and how they are deployed across, as well as whether they are in a single country or multiple countries. There are instances where we have deployed within a country within less than three months for a scale of 10,000 users.

We typically go for annual license payments.

I'm not a product seller. I'm a service seller. We are mainly a service integration team. We do recommend certain products. However, we don't sell products. I'm a consultant.

If it aligns with a client's needs, I would recommend this solution to others. 

I'd rate the solution ten out of ten.

It serves as a globally distributed solution, differing significantly from MPLS. Unlike traditional firewalls, it seamlessly accommodates cloud services and enables remote work from any location. The product's global distribution across the cloud facilitates internal access with the necessary licenses. Whether connecting from a branch office, on-premises solution, private data system, public data center, or the cloud, the platform ensures consistent and robust security protection throughout the entire infrastructure.

The most valuable feature is its seamless integration capabilities, streamlining the process by eliminating the need for extensive installations. Users can connect to the SaaS solution by simply installing the necessary apps. This includes the flexibility to connect with any firewall or router capable of setting up IPSec, providing users the freedom to choose their preferred hardware. This versatility extends beyond Zscaler-specific applications or devices, making it compatible with a range of SD-WAN solutions, such as Cisco Meraki, Palo Alto, and Juniper.

A suggestion for improvement is the development of their own proprietary SD-WAN device. Currently, the experience can vary when integrating cloud protection with different vendors, such as Palo Alto, Meraki, or Juniper. Having a Zscaler-specific device could streamline this process and provide a more consistent user experience across diverse branches. Additionally, expanding their offerings to include solutions like SIEM, similar to competitors, could enhance their portfolio and cater to clients interested in a broader range of services.

I have been working with it for two years.

It is highly reliable and ensures that users receive optimal performance regardless of their physical location, creating a more seamless and user-friendly experience.

The initial setup was straightforward.

The perception of cloud services being expensive is often a result of the initial migration costs, especially when transitioning from traditional and limited MPLS environments. In the long run, cloud services are not inherently costly. If you're starting fresh and adopting a cloud-first approach from the beginning, the perceived expense is considerably less significant.

It is not economically viable for individual users but is highly recommended for companies with a substantial user base, multiple branches, extensive cloud operations, and remote employees. The solution offers enhanced protection across network, on-premises, and cloud environments, making it valuable for enterprises adapting to the evolving landscape of cloud adoption and seeking comprehensive security and networking benefits. Overall, I would rate it nine out of ten.

I use Zscaler CASB to get the visibility of the cloud application since everything is moving to the cloud these days. We use the solution to get complete visibility of what is happening on my drive and official applications. The solution also helps to restrict information shared with my other partners.

Zscaler CASB's latency and architecture are excellent.

Zscaler CASB needs to improve its applications or connectors. The solution's granularity should be improved because it has limited granular options to control, visible, allow, block, delay, and receive.

I have been using Zscaler CASB for one year.

Zscaler CASB is a stable solution.

Zscaler CASB is a scalable solution because it is a cloud-based solution. Around 30% of the industry people are using Zscaler CASB.

Zscaler CASB's technical support is good. The solution's support team is available, but they don't have much visibility of what is happening and take too much time to resolve it.

Positive

Zscaler CASB's initial setup is easy.

As per industry leads, Zscaler CASB is an expensive solution.

Zscaler CASB is deployed on-cloud in our organization.

I would recommend Zscaler CASB to other users. Zscaler CASB has a seamless deployment. The solution needs to improve on the navigation or user experience part.

Overall, I rate Zscaler CASB an eight out of ten.

We use the solution to restrict uploading over public sites. We control the users’ actions through DLP. Only users who have access can upload files. We manage multiple policies.

The policies are very easy to implement. It's very easy to understand. We have the option to assign time limits to the access we provide. For example, we can implement a policy for one year for a particular user. Once it expires, we can disable it.

We have some limitations while checking logs. The product must allow users to check logs for an entire year in the local console. Currently, we can check logs only for the previous three to four months.

Forcepoint provides multiple services separately, but Zscaler does not provide separate DLP. It will be good if Zscaler provides the DLP module separately.

I have been using the solution for the last two years.

I rate the tool’s stability a ten out of ten.

The tool is very scalable. I rate the scalability a ten out of ten. Approximately 5,200 people are using the solution in our organization.

We are also using Forcepoint.

The initial setup is very easy.

The product is a little more expensive than other tools.

We do not face any challenges with the product. If we have any problems, the vendor helps us. The product is everywhere. Everyone is using it. It's very, very flexible. It provides a single solution for multiple modules like DLP, proxy, and firewall. Overall, I rate the tool a ten out of ten.

We use Zscaler Private Access to authenticate our applications, which provides a more secure way to access the Internet from our work environment. We have multiple policies for different types of users. When new users join the company, they authenticate the VPA application to access the Internet. We use SSL bypass policies, tenant restrictions policies, and Microsoft tenant cloud application policies. We also use File Type Control Policy for all categories of files, and our traffic goes to the WAPAC file and the application. We are using services as per the requirements of our clients.

The most valuable features are the File Type Control and SSL bypass policies. We have multiple options, such as very flexible policies and modules in Zscaler. We will define them based on our requirements and the active Internet. We also have geolocation users. For example, a user from Singapore moves to Dubai. When the user tries to access the Internet, Zscaler automatically detects the geolocation and drives our traffic to the other channel. There is no issue here. 

When using a Blue Coat, we have some problems. Sometimes, some of our users have some issues, but once we update the agent, the traffic goes to the current geolocation without any problems, and they can access it. Sometimes, we have some URL categories blocked in our environment, but HPE sometimes removes the block. We request that the vendor to remove the block from the correct URL category. They provide a suitable solution based on the findings.

There is some issue while accessing the portal. It takes too long. It will take longer if I am on the URL Cloud App category and switch to other tabs.

I have been using Zscaler Private Access for five years.

If something happens, they have integration and they send notifications. I rate the solution’s stability a ten out of ten.

If I need to switch the policy to another task, the solution takes time. I rate the solution’s scalability a nine out of ten.

Compared to other proxies, such as Glook and IronPort, Zscaler Private Access is very easy to handle.

The initial setup is easy. You need to configure the proxy tool for the network configuration. They can forward multiple services based on the client's requirements. If we need to use the VPA, we need to authenticate. It takes one day to implement the solution, but for smooth running, it takes around a month because of timely revision.

The solution is expensive.

The categorization issue is dependent on the end user. For example, if I am trying to access a categorized URL but need to access it for work, I should be able to request a change to the categorization. Forcepoint can change the categorization itself, or the client team can do it for me. This is enough to change the categorization to meet the requirements. Overall, I rate the solution a ten out of ten.

We are currently using Zscaler Cloud DLP internally and it provides us with a robust and highly configurable Data Loss prevention engine, which meets our specific data handling needs.

We experienced many benefits, including improved visibility and the ability to identify vulnerabilities in existing configurations. Its impressive scalability allows the combination of multiple dictionaries and using them as one engine, resulting in narrower data loss gaps. There are significant enhancements in email and file confidentiality, particularly with integration to MCAS solution, which provides insights into permissions and access control for files stored in OneDrive and SharePoint.

The most valuable features are its robustness and high configurability, particularly in relation to existing DLP dictionaries. The ability to choose and utilize specific dictionaries for various purposes, such as credit card checks or monitoring file permissions and transmissions within the corporate network. The platform allows the administrator to monitor who is sharing files and who has access to them, providing a proactive approach to data security.

The customers would benefit from more robust documentation and conversations around configurations, as it is slightly complex. Also, there should be an option for acquiring DLP as a standalone product rather than bundling it with packages, as this would provide more flexibility for customers who only need specific features. They should also provide more reviews and guidance on selecting the best-rated engines and dictionaries, as well as facilitating reporting for DLP violations and integrations with other cloud storage solutions. 

We have been using it for a year now.

Zscaler sells internet access, not specifically DLP, so we had to build a point of presence for our location in Kenya due to latency issues.

It offers high scalability capabilities.

We faced some issues regarding the business support from them due to the lack of knowledge and understanding of troubleshooting processes, which may be time-consuming. However, after we submitted the tickets, they did provide their support and eventually, solved our issues.

Neutral

We tried a few different solutions, but we opted for Zscaler because we were already using other products from them.

The implementation process was straightforward, with good support and training provided by Zscaler. We found it easy to roll out the cloud connectors and configure policies for DLP. The whole process took about three weeks with the help of three individuals, including myself.

Zscaler DLP solution is expensive, with a fixed pricing structure that is billed annually and monthly. There are no additional costs for licenses.

I would recommend having a clearly defined objective and goal, which would facilitate choosing and implementing the solution effectively. I would rate it nine out of ten.

Zscaler functions as a kind of proxy, but they lack responsiveness when it comes to customer requests. The granularity in blocking is not sufficient. For example, when a new domain is detected, it is automatically blocked for 30 days. If there is no further information, it is added to the trusted list. Attackers are aware of this and take advantage of it. They set up a benign site, get it categorized as safe, and then introduce malicious content afterward. Trying to get the categories reassigned or realigned is a challenge, as Zscaler is not very responsive in addressing such issues. In my experience, compared to BlueCoat, Zscaler falls short in terms of responsiveness.

I'm currently reviewing Zscaler for our organization. We implemented it about two years ago. It's part of our zero-trust architecture initiative. 

However, we need to compare it with NetScout. Zscaler has certain capabilities like SD-WAN, and the proxy is quite good. Although, I had to stop using SD-WAN because it wasn't integrating well with Microsoft or Kaspersky.

It is stable. In my experience of about five years, I have only encountered two problems caused by it. So, I wouldn't rate it a nine out of ten. It's generally stable, with occasional issues.

The scalability is pretty good. I would give it an eight out of ten. However, their responsiveness to customer concerns is not as strong as other vendors I have worked with.

There is definitely an ROI. Before I joined my current company, it was implemented about a year and a half ago, and it significantly reduced noise and improved team visibility. The SOC has always been satisfied with its performance. 

So, I believe there has been a good return on investment compared to my company's previous solution, Fortinet, which wasn't very effective. We are very happy with Zscaler.

When it was implemented, it beat the competition on price according to the two companies I know that have it.

Overall, I would rate the solution a seven out of ten.