There is not much room for improvement. We are users and operational engineers, so we might not have the insight that solution providers have when they compare different solutions. They might be able to identify if something is missing with Zscaler.

View full review »

The connectivity monitoring part should be included in the core license without any extra charges. As a user, I should be able to see how seamlessly end users are connecting, but currently, this feature is an add-on that requires an additional license fee.

View full review »

On the improvement side, when we bypass certain internet traffic types, it's currently recommended to have a one-click option, but audio and video aren't always supported. Thus, we need to bypass that kind of traffic. So, it is an area of improvement.

Another issue is with DNS exclusions and internet bypasses. Even if we put some URLs into DNS exclusion, it doesn't always work. So we often have to use a VPN gateway bypass. If they provided functional DNS exclusions and internet bypasses, it'd be much smoother.

View full review »

The pricing for Private Access seems to be on the expensive side, and I believe they should consider making it more competitive with other solutions. Specifically, they could improve pricing by offering customizable packages that cater to each customer's specific needs.

Connectivity to voice-over IP (VoIP) solutions, both private and VoIP, is scheduled to be included in the upcoming week.

View full review »

Zscaler Private Access does not currently offer the ability to assign static IP addresses, which are necessary for supporting telephony or backend communication. 

While Zscaler supports client-initiated connections, it does not support server-initiated connections. This is a feature that Zscaler may consider adding in the future.

View full review »

Zscaler Cloud DLP needs to improve its compatibility with other security tools. Right now, it mainly works well with Microsoft Defender but lacks support for many other antivirus and performance management solutions. Also, it takes a long time to add new features based on customer feedback. This limited compatibility could be a problem for organizations using various antivirus software.

View full review »

As of now, no improvements are required in the solution. Though not an improvement from a product perspective, there is no documentation related to Zscaler Cloud DLP on the internet. You won't find anything that can help you with the configuration part and other areas related to the product if you search for proper or exact details of Zscaler Cloud DLP online in very easy language. In short, you can't find any documentation about the product which is exactly arranged in a proper manner. Availability of knowledge related to the product is not there in the public domain.

View full review »

Zscaler CASB should include integrations with other SaaS applications.

View full review »

The area that requires improvement is their support. The current support is lacking. 

Other than that, once you have the right people on the phone, the product performs as advertised. However, multiple clients have complained about the support. 

View full review »

We are getting some issues with internet access. Authenticating or onboarding something on Zscaler Private Access manually is a troublesome task. Users report application access or latency issues with Zscaler Private Access.

View full review »

The product has limited features. We only have the option to monitor URLs and HTTPS logs. The tool must provide IP-blocking features.

View full review »

Zscaler CASB needs to improve its applications or connectors. The solution's granularity should be improved because it has limited granular options to control, visible, allow, block, delay, and receive.

View full review »

The technical team in our company suggests there are some performance issues with the solution once the module addition begins. For instance, suppose I am using Zscaler Internet Access, and the connectivity speed is excellent, but the moment I start integrating some add-ons like DLP, then the solution considerably slows down in functionality.

But I believe the aforementioned instance or scenario is acceptable because an initial data check gets performed upon integration and it probably can be solved by the vendor through some alterations in the architecture. The set of features provided by Zscaler DLP is enough for the market in which our company operates. 

View full review »

Occasionally, issues arise in the LogStack by a third party, particularly for government websites accessed by numerous users. This can trigger false positives, causing certain IP ranges to be perceived as a security threat or associated with malicious activities, resulting in blocks. In such instances, we often find ourselves waiting for the block to be lifted or having to engage with the concerned website administrators. This is where Zscaler's expertise becomes crucial in addressing false positive blocks, as these incidents might not necessarily indicate malicious intent but could be errors affecting access to the platform. It is recommended that they incorporate EDR features into their offerings. View full review »

We have some limitations while checking logs. The product must allow users to check logs for an entire year in the local console. Currently, we can check logs only for the previous three to four months.

Forcepoint provides multiple services separately, but Zscaler does not provide separate DLP. It will be good if Zscaler provides the DLP module separately.

View full review »

The customers would benefit from more robust documentation and conversations around configurations, as it is slightly complex. Also, there should be an option for acquiring DLP as a standalone product rather than bundling it with packages, as this would provide more flexibility for customers who only need specific features. They should also provide more reviews and guidance on selecting the best-rated engines and dictionaries, as well as facilitating reporting for DLP violations and integrations with other cloud storage solutions. 

View full review »

We would like to extend the SASE applications for Zscaler. We'd like to see more work in the area. In our understanding of it, SASE features are very helpful in extending to various other applications like CASB, DLP, et cetera, ensuring the network can be set up to be very agile. SASE adoption is a very prime focus for most customers due to its benefits.

View full review »

Occasionally, there are certain delays in report generation. Clicking on a link, I found myself waiting for an unpredictable duration—sometimes as long as thirty seconds to a minute—until the report was ready.

View full review »

It has a limitation, if you are creating a rule or something for a web application or something, you could only add five users, not more than that. Five or four users are only included in a rule. If you want to create a rule for more than five or four users, you have to go through other methods, not particularly with the application. Working within the application with this method would be quite easy as compared to listing a URL or a normal IP address.

View full review »

There is some issue while accessing the portal. It takes too long. It will take longer if I am on the URL Cloud App category and switch to other tabs.

View full review »

We have issues with the tool's maintenance and networking. It should be able to work in offline mode as well. 

View full review »

They should work on a replica account. There could be alerts and replica files sent to the DLP team during data collection.

View full review »

Zscaler CASB breaks down at times. 

View full review »

Currently, we are using APIs, and we need some enhancement on the script running with the Zscaler SASE cloud API. Also, it would be better if we could integrate with other vendors. We often face performance and latency issues with Zscaler SASE.

View full review »

More on-prem infrastructure is required when Zscaler Private Access is to be implemented as a single point of entry.

Since the whole concept of app segmentation is license based, making the app segmentation extremely granular becomes very expensive for an organization. As a result, not all organizations would adopt a granular approach for rolling out their Zscaler Private Access solution. So the entire approach must be seen differently, not the standard license-based approach. As an organization, if I want to make the access for my employees more granular, then it means that I will have to buy more licenses. Organizations with 10,000 to 20,000 applications, including their business partners also connecting to their applications, would need to invest a lot of money into making it granular. Okay. That kind of investment may not be viable for every organization to make, which could limit the use of Zscaler Private Access.

View full review »

The management of the product has to be clearly defined or they will conflict. Sometimes you have to add bypass rules allowing specific websites access for internal purposes or for it to completely bypass altogether.  Make sure that it is the same teams who are managing the firewalls and the product. They should all be on the same team. If you have two teams managing it separately, you are going to run into a lot of problems.

View full review »

So far, we are happy with the solution. I can't speak to any missing features. Based on the customer feedback, they're doing good. We don't see any negative point at this point in time.

View full review »

A suggestion for improvement is the development of their own proprietary SD-WAN device. Currently, the experience can vary when integrating cloud protection with different vendors, such as Palo Alto, Meraki, or Juniper. Having a Zscaler-specific device could streamline this process and provide a more consistent user experience across diverse branches. Additionally, expanding their offerings to include solutions like SIEM, similar to competitors, could enhance their portfolio and cater to clients interested in a broader range of services.

View full review »

The reports can be made easier. The solution takes time to fetch reports in the Database section. Otherwise, the reporting module itself is well-designed.

View full review »

Zscaler functions as a kind of proxy, but they lack responsiveness when it comes to customer requests. The granularity in blocking is not sufficient. For example, when a new domain is detected, it is automatically blocked for 30 days. If there is no further information, it is added to the trusted list. Attackers are aware of this and take advantage of it. They set up a benign site, get it categorized as safe, and then introduce malicious content afterward. Trying to get the categories reassigned or realigned is a challenge, as Zscaler is not very responsive in addressing such issues. In my experience, compared to BlueCoat, Zscaler falls short in terms of responsiveness.

View full review »

Zscaler Private Access's reporting is poor. We should have more insight into the reports regarding what is blocked and allowed.

View full review »

The stability could be improved.

View full review »

The product is not reliable. ZTNA must be improved. It is slow sometimes. It is unreliable. It’s lengthy to troubleshoot.

View full review »

There could be more DLP-related features. Additionally, there needs to be flexibility for integrating ISP features.

View full review »

There could be a feature to view the VPN tunnel activities in terms of configuration.

View full review »

We faced certain migration and implementation challenges in executing the tasks, so I would suggest improvement related to the stability of the solution. It would be beneficial to ensure a smooth transition with no to minimal interruption of the operation.

View full review »

To enhance their offering, it is advisable for them to focus on strengthening the foundation of their architecture. Additionally, they should consider integrating a broader range of services that go beyond what managed service providers typically offer independently.

View full review »

The pre-defined dictionaries could be improved. 

View full review »

Everything looks good in Zscaler Private Access, but the issue my team faced with it was the inability to find subscriptions on the portal. That caused some difficulties, so it would be better if the Zscaler team made it easier for people to find subscriptions on the portal, mainly information on what my customers subscribed to or the type of licenses purchased.

View full review »

Although it's good, the DX layer could be better if it had improved visibility. There is definitely scope to enhance that aspect. Some customers are looking for application connectivity over zero trust which is a concern for them. I believe it's in the Zscaler roadmap and we hope to see that in the near future. 

View full review »

Zscaler Private Access could improve by improving external access. If external parties want to access locally to my company's services, we need to onboard them into our domain, otherwise, it doesn't work. Additionally, if their company also has Zscaler Private Access, then it doesn't work. They need to log in with our domain ID, not their company ID.

View full review »

I’m not sure if any features are lacking. I’m mostly happy with it. That said, I’m not familiar with every area of the product. I need to study it a bit more.

Sometimes applications crash on some machines, and we’d like Zscaler to give us some information as to why that may have happened. We’d like more detailed reports.

View full review »

What could be improved in Zscaler Private Access is its notification. For example, if there's a speed issue, there should be a pop-up that alerts the user about it. If there is a network quality issue, for example, it isn't good enough to connect to, or the network quality is bad, there should be a notification from the solution.

Zscaler Private Access also needs improvement in terms of its interface and security.

View full review »

The solution needs to improve a lot of aspects.

View full review »

Zscaler Private Access needs to improve its collaboration with applications without compromising security. The solution needs to improve native security, seamless protection, and user experience. Users should be able to access the solution anytime, and it should be made easy to install and easy to understand.

Zscaler Private Access needs to improve its customization.

View full review »

The menu for the ZIA portal could be organized a little bit differently. The most-used modules should be at the top of the menus, not somewhere near the bottom, some of them are not organized well in my opinion.

View full review »

We'd like to have two-factor authentication that is quite simple.

View full review »

The only issue with Zscaler Cloud DLP is that it only gives you DLP protection from web traffic, which is flowing out, while a full-blown DLP solution such as Forcepoint or Symantec gives you DLP coverage for multiple channels.

Zscaler Cloud DLP doesn't give you coverage for email, fax, and USB channels, and this is the only challenge or room for improvement in the solution. It's just an extension on top of what you're buying on the proxy, so it's just an added layer, and it doesn't cover DLP on a very broad level.

I'm unsure if Zcaler is in the business of competing with a full-blown DLP solution, and if there's a plan to expand the features of Zscaler Cloud DLP beyond the web channel because you'll have to deploy a full-blown agent for it. I'm unsure if this is on the cards because the solution is just an added layer that you get with your proxy. I've asked the Zcaler team whether there's a plan to go full DLP in the future, but I didn't get a positive response.

There isn't any feature I'd like added to Zscaler Cloud DLP currently, because anything you could think of that should be in cloud or SaaS solutions is already there, except for machine learning, as it's the only functionality that seems to be lacking in the solution. Machine learning is an additional policy available in other DLP solutions in the market, but my team didn't find it in Zscaler Cloud DLP.

View full review »

An area for improvement would be the ease of configuration.

View full review »

It really comes down to the Regex that's being used from Zscaler's DLP. That's the one area that we find technical limitations because the rest of the industries use an RE2, and Regex and Zscaler just aren't there. It's not because of the technology and they can't code it. It's because of the cost of these actual Regex strings from a query perspective. There's limited flexibility from a Regex perspective as far as data matching and expanding your DLP dictionaries and libraries.

In the next release, I would like to see RE2 Regex supported.

View full review »

The solution needs to offer better scalability.

The product needs SAML integration. That's something they should work to add in future releases.

It needs to offer SSO, single sign-on, and items of that nature.

The product needs greater zero-trust. They need to focus more on zero-trust relationships.

View full review »

Zscaler will protect PII for all users regardless of their geolocations as well it will simplify compliance requirement's by eliminating complexity of legacy systems and securing your cloud data across all channels data in motion, at rest,
and across endpoints and clouds.

View full review »

It has massive room for improvement. The Zscaler product itself is okay, but it doesn't give enough granularity for us as an organization to stipulate rules or processes, especially for data-driven services. For instance, we can stick on SSL inspection, but it's just a click box. It doesn't allow us to go any further into the detail of the SSL inspection. We also can't pull it out without having an additional logging server. It just doesn't give us enough granularity. 

They should give us more control over the interfaces because it is all backend. They weren't very open to discussing their backend architecture with us in terms of their own data centers. They can maybe a little bit more open about what components are there and how the backend infrastructure works alongside Zscaler.

Its licensing can be better. Some of the additional licensing costs are quite high, and they should have certain features ready and available as a baseline rather than having to purchase additional licenses for it. 

Their support should also be improved. I initially had a consultant from Zscaler for its deployment, but the support that I had throughout the deployment of the project wasn't the best.

View full review »

Due to the fact that it's a multi-tenant hosted environment, it should be noted that other solutions, like Palo Alto, are single-tenant solutions. It's the customer that's hosting it, it's a single tenant. Zscaler hosts a SaaS solution and a multi-tenant, not a single-tenant environment. It would be nice if they offered that as well. This is where probably Zscaler can differentiate itself.

There are latency issues with the solution. They are small, however, they are there when you compare it to other vendors. These things only come up when you're talking to enterprise customers who are really looking at those things. For smaller to mid-sized customers, Zscaler makes more sense. These things make it cheaper and more efficient, as well, for Zscaler. 

View full review »

This is a great solution, I'm just searching for an alternative because the costing or the commercials for this type of solution tends to be a little high, although we have been using it for a year already. We've found it to be more expensive than other products. However, we also know that unlike other VPN solutions, this one has many features that any organization would like to have. We're looking for an alternative product that offers similar services or features.

View full review »

We are supporting our supply-chain in India. Our connections through Zscaler have degraded drastically. Improvements are required in speed and bandwidth. 

The biggest disadvantage is there are no SCMP network layers available. The older network connection checks cannot be done because it's not included in the solution. 

We are programming our old solutions and they have not included support for legacy Windows. This is a huge disadvantage for me.

SCMP support would be one of the biggest improvements in my opinion. More speed improvements are also required. Very simple. 

If I need to monitor a third party supplier, if I have no SCMP, I cannot do the monitoring.

Some data may be cached if it is not available. This another important issue we have which needs to be improved, i.e. when the availability is not given the cache should not be used. 

At least we need Zscaler Private Access to make sure that the cache represents what is available to the users.

View full review »

There could be additional ways to define proximity. Additionally, they should provide some exclusion options for specific policies and an ability to control the DLP engine.

View full review »

The interface needs a bit of work. It could be a little more streamlined and more intuitive.

View full review »

There is room for improvement in detection. From the detection perspective, like, how it detects the violations.

Another area of improvement is implementation through non-client connectors. The solution can be implemented in two ways. One uses the back file; the other one uses client connectors. So the client connector is pretty fast, but when it comes to non-client connectors and procedures, it's kind of delayed and slow. The policies don't reflect very soon. It takes, like, a day and, like, hours to get implemented. But if it's a client connector, it takes, like, two minutes. It's just so good.

In future releases, I would like to see two things. It's not more of a feature but more like an enhancement. So I would like to see an enhancement in their proximity when detecting credit card details and past support details, and PII data.

Another area of improvement is support. 

View full review »

Zscaler CASB need to improve the functioning of the application, especially the sanctioning of the application.

Another area of improvement is the granular level control of how you can assign policies based on user access. Currently, their granularity is not that good. They either give you access to CloudApp or not. User management can be improved.

View full review »

There is improvement in enhancing proper manageability, policies, and logs. So, log management could be improved.

Moreover, I'd just like to see an improvement in stability.

View full review »