Zscaler Zero Trust Exchange Platform Reviews

Zscaler functions as a kind of proxy, but they lack responsiveness when it comes to customer requests. The granularity in blocking is not sufficient. For example, when a new domain is detected, it is automatically blocked for 30 days. If there is no further information, it is added to the trusted list. Attackers are aware of this and take advantage of it. They set up a benign site, get it categorized as safe, and then introduce malicious content afterward. Trying to get the categories reassigned or realigned is a challenge, as Zscaler is not very responsive in addressing such issues. In my experience, compared to BlueCoat, Zscaler falls short in terms of responsiveness.

I'm currently reviewing Zscaler for our organization. We implemented it about two years ago. It's part of our zero-trust architecture initiative. 

However, we need to compare it with NetScout. Zscaler has certain capabilities like SD-WAN, and the proxy is quite good. Although, I had to stop using SD-WAN because it wasn't integrating well with Microsoft or Kaspersky.

It is stable. In my experience of about five years, I have only encountered two problems caused by it. So, I wouldn't rate it a nine out of ten. It's generally stable, with occasional issues.

The scalability is pretty good. I would give it an eight out of ten. However, their responsiveness to customer concerns is not as strong as other vendors I have worked with.

There is definitely an ROI. Before I joined my current company, it was implemented about a year and a half ago, and it significantly reduced noise and improved team visibility. The SOC has always been satisfied with its performance. 

So, I believe there has been a good return on investment compared to my company's previous solution, Fortinet, which wasn't very effective. We are very happy with Zscaler.

When it was implemented, it beat the competition on price according to the two companies I know that have it.

Overall, I would rate the solution a seven out of ten. 

We've so far recommended the solution in one or two engagements.

We work with customers who have various businesses like banking, finance, travel, et cetera, where we do a solution for them, a security solution for them. We are an IT service consultant company.

We generally use that product for the proxy setup, for URL dealing and blacklist blocking, and all that stuff. When the customer has a requirement where their workforce is very mobile or if they're on-premise and moving the workforce, we do recommend the Zscaler product.

There are also other cases. We extend other modules like CASB or another setup, where we say they can access the public cloud or send some data against the policy.

Scanning the internet traffic for any malware, et cetera, is quite useful. That is the primary use case. 

It is straightforward to set up.

The solution is stable.

It's scalable.

We would like to extend the SASE applications for Zscaler. We'd like to see more work in the area. In our understanding of it, SASE features are very helpful in extending to various other applications like CASB, DLP, et cetera, ensuring the network can be set up to be very agile. SASE adoption is a very prime focus for most customers due to its benefits.

We've dealt with the solution for a year and a half. 

For our use cases, we have found the solution to be reliable and stable. I haven't dealt with crashes or it freezing. There are no bugs or glitches. 

The solution is scalable. It's cloud-based, making it scalable and agile. It's great if companies are going through mergers and acquisitions. 

I've never reached out to technical support.

Before Zscaler, we used to use a lot of other products, however, when we were introduced to Zscaler we became confident it could meet the use cases. Due to its cloud features and cloud-based proxy, unless the customer has very specific use cases that don't include the cloud, it's one of the best products. 

The solution is straightforward to set up. There may be certain use cases where it may be more complex; however, largely, it is easy.

How long it takes to deploy depends on how the workforce is enabled and how they are deployed across, as well as whether they are in a single country or multiple countries. There are instances where we have deployed within a country within less than three months for a scale of 10,000 users.

We typically go for annual license payments.

I'm not a product seller. I'm a service seller. We are mainly a service integration team. We do recommend certain products. However, we don't sell products. I'm a consultant.

If it aligns with a client's needs, I would recommend this solution to others. 

I'd rate the solution ten out of ten.

I primarily use it for conducting security incident investigations and generating security reports. It serves as a valuable tool in analyzing and responding to security events, and its capabilities are instrumental in producing comprehensive reports on the security status of the network.

It proved to be invaluable in addressing our challenge of not having a rigid perimeter. With employees working from various locations, the need to move away from VPN reliance became apparent. Following thorough assessments, we opted to continue using it as our cloud Web Access solution.

It stands out for its seamless integration with various security solutions, such as EDR, SOAR, etc. The implementation process is straightforward, requiring minimal ongoing maintenance. The desktop agent enhances endpoint protection against zero-day vulnerabilities, providing a safeguard until patches are released. Its adaptability extends beyond a single solution, allowing integration with different models and solutions. The alert detection system and additional security features add an extra layer of appeal. The flexibility to start with one aspect and expand within a single vendor is advantageous. The agent's versatility is notable, used for digital experience monitoring to collect valuable endpoint metrics for troubleshooting. The security browser function distinguishes between known safe sites and potentially suspicious ones, ensuring a secure browsing experience. Unfamiliar websites are run in the Zscaler Cloud, isolating them from the endpoint and preventing potential phishing or malicious scripts from reaching the user's device.

Occasionally, there are certain delays in report generation. Clicking on a link, I found myself waiting for an unpredictable duration—sometimes as long as thirty seconds to a minute—until the report was ready.

I have been working with it for over a year.

There have been instances where certain software or applications on the user side didn't work smoothly. This posed an additional onboarding challenge, requiring collaboration with technical support to analyze logs, generate reports, and identify necessary exclusions or policies to rectify the issue. Once addressed, the applications resumed normal functioning.

It's highly scalable, and I frequently receive notifications about new data center expansions. With around five thousand endpoints, I am not aware of any problems that have been discussed as requiring a change of solution.

I gained access to the web console, and within an hour, I comprehended its capabilities, which I found appealing. Beyond predefined reports, the platform enables users to retrieve any imaginable information. Creating a visual search request is a straightforward process, delivering the required data through a user-friendly interface.

The implementation has effectively addressed numerous challenges related to ensuring a secure internet connection for users.

When we conducted assessments, Cisco and Microsoft were also considered. However, at that time, Cisco was in the initial stages of developing their solution, and Microsoft had just released their web security gateway.

When making a decision, choosing a market leader is often advisable. While the initial cost may be slightly higher, the long-term savings in both time and money, as well as the reduction in operational costs, often outweigh the investment. Opting for a leading product can also mitigate potential issues and challenges that might arise with newer or less-established alternatives. Overall, I would rate it eight out of ten.

The main purpose was to use it as a zero-trust solution. Or also to have control over the inbound and outbound traffic coming and going through the end user's device.

It does the job. What it is needed for. I can use it for VPN, I can use it for secure connections, I can use it as a firewall. So the solution does the job.

It has a limitation, if you are creating a rule or something for a web application or something, you could only add five users, not more than that. Five or four users are only included in a rule. If you want to create a rule for more than five or four users, you have to go through other methods, not particularly with the application. Working within the application with this method would be quite easy as compared to listing a URL or a normal IP address.

I have been using this solution for one and a half year. 

It is a stable product.

It is a scalable solution. Around 300 end users are using this solution.

The customer service and support have a good SLA. They return queries on time.  

Positive

I would say go ahead because it has a quite friendly interface. It has a lot of stuff you can do. If you are using the old infrastructure technique, you would love it because you can control most of your endpoints network on the device by a single interface. That is the Zscaler.

Overall, I would rate the solution an eight out of ten. 

We use Zscaler Private Access to authenticate our applications, which provides a more secure way to access the Internet from our work environment. We have multiple policies for different types of users. When new users join the company, they authenticate the VPA application to access the Internet. We use SSL bypass policies, tenant restrictions policies, and Microsoft tenant cloud application policies. We also use File Type Control Policy for all categories of files, and our traffic goes to the WAPAC file and the application. We are using services as per the requirements of our clients.

The most valuable features are the File Type Control and SSL bypass policies. We have multiple options, such as very flexible policies and modules in Zscaler. We will define them based on our requirements and the active Internet. We also have geolocation users. For example, a user from Singapore moves to Dubai. When the user tries to access the Internet, Zscaler automatically detects the geolocation and drives our traffic to the other channel. There is no issue here. 

When using a Blue Coat, we have some problems. Sometimes, some of our users have some issues, but once we update the agent, the traffic goes to the current geolocation without any problems, and they can access it. Sometimes, we have some URL categories blocked in our environment, but HPE sometimes removes the block. We request that the vendor to remove the block from the correct URL category. They provide a suitable solution based on the findings.

There is some issue while accessing the portal. It takes too long. It will take longer if I am on the URL Cloud App category and switch to other tabs.

I have been using Zscaler Private Access for five years.

If something happens, they have integration and they send notifications. I rate the solution’s stability a ten out of ten.

If I need to switch the policy to another task, the solution takes time. I rate the solution’s scalability a nine out of ten.

Compared to other proxies, such as Glook and IronPort, Zscaler Private Access is very easy to handle.

The initial setup is easy. You need to configure the proxy tool for the network configuration. They can forward multiple services based on the client's requirements. If we need to use the VPA, we need to authenticate. It takes one day to implement the solution, but for smooth running, it takes around a month because of timely revision.

The solution is expensive.

The categorization issue is dependent on the end user. For example, if I am trying to access a categorized URL but need to access it for work, I should be able to request a change to the categorization. Forcepoint can change the categorization itself, or the client team can do it for me. This is enough to change the categorization to meet the requirements. Overall, I rate the solution a ten out of ten.

We use Zscaler Cloud DLP to maintain data load and for storage reports. 

The solution is the best for storage. 

We have issues with the tool's maintenance and networking. It should be able to work in offline mode as well. 

I have been using the solution for two years. 

Zscaler Cloud DLP is stable. 

The tool is scalable. My company has 250-300 users. 

Zscaler Cloud DLP's installation is difficult. 

Zscaler Cloud DLP is moderately priced. We pay around 2 million rupees per year. 

I rate the solution an eight out of ten. 

We use the product for the process protocol for tunnels to manage network traffic.

They should work on a replica account. There could be alerts and replica files sent to the DLP team during data collection.

We have been using Zscaler Cloud DLP for three years.

I rate the product’s stability an eight out of ten. We encounter high latency for cloud data centers.

The product’s scalability depends on specific requirements. We manage more than 50 Zscaler Cloud DLP accounts for customers. We have created certain rules to cover and manage our sensitive data. I rate the scalability a ten out of ten.

They should assign an L2 engineer to resolve the issue. The L1 engineer takes time to identify and elaborate on the problem.

Our organization has used Symantec, Trend Micro, and McAfee.

The initial setup is easy. It doesn’t take much time and depends on the IP server requirements.

I rate Zscaler Cloud DLP an eight out of ten. I recommend it for customer service companies to protect sensitive data.

Zscaler CASB breaks down at times. 

I have been working with the solution for six months. 

The tool's scalability is good. 

The solution is easy to deploy. 

The solution has increased prices this year. 

I rate the solution a seven out of ten.