We changed our name from IT Central Station: Here's why

Can I deploy Zscaller as a transparent proxy?

Secure Web Gateways typically consist of a number of features such as malware protection, URL filtering, content filtering, SSL content scanning, web based DLP capabilities. Deployment methods to look for include proxy, in-line and transparent \ bridge deployments as well as port mirroring\span port capabilities, ability to work with and integrate ICAP and WCCP.

ITCS user
33 Answers

author avatar
Top 5Real User

Sorry the delay to answer this question.
Due to Zscaler is a service in the cloud, there is not too much constraints in terms of SSL scanning related to impact on performance or update of ciphers. This is a big advantage. You don't need to be worry about. In terms of complex applications like Office 365, Zscaler provides "one click configuration" for Office 365. In one click you will have applied all rules required for O365.
In general SSL scanning with Zscaler is not a complex task. Time to time you will need to apply some bypasses rules for services or apps (like file sharing) that are using SSL pinning certificates.

author avatar
Top 5Real User

Yes. But due to the implementation is in the cloud, the setup is quite different.
From you location, a GRE or IPSEC tunnel to the Zscaler cloud is required. If you forward your HTTP/HTTPS traffic inside the tunnel, Zscaler will intercept it and will apply all security and policy controls.
SSL scanning is easy to do. Simple deploy a SSL root certificate on your pcs and done. There is not restrictions on traffic or impact on performace.

author avatar

I would be interested to know constraints related to transparent SSL content scanning with this product. Thanks in advance.

Learn what your peers think about Zscaler Internet Access. Get advice and tips from experienced pros sharing their opinions. Updated: January 2022.
563,327 professionals have used our research since 2012.