Zscaler Internet Access Room for Improvement

Dragos Cernat
Global Information Security Architect at a engineering company with 10,001+ employees
On the technical side, the only thing that I believe this scanner can improve is in the way they allocate traffic. For example, a big site doesn't have the ability to have its IPs inside the cloud, so Zscaler doesn't allocate you certain IPs for traffic. Your traffic goes to the nearest Zscaler point, and from there you get an IP. Sometimes that is problematic, because your users use the same IPs that another client is using so you don't get the ability to do some rules using some IPs. For example, you cannot use conditional access to high influence IP. You can't say if somebody goes to Zscaler I know that traffic is secure so I can let them past. In this scenario you cannot do this, because Zscaler is using a pool of IPs and they'll circle them for all the clients. I would like to see the ability to choose a pool of IPs for my company, set up rules based on them, and know that those IPs are not used by other companies. View full review »
Kamran Shaheen
Consultant at a tech services company with 1-10 employees
In terms of usage, here in the GCC, it's still growing a growing market, so the combination of DLP, data leak prevention, to a certain extent is fine. But what it requires is user-based access or role-based access. The solution needs to grow into that, which definitely takes time. There's not an easy way to integrate it when you have a cloud-based solution. The only DLP you can have is for the web, such as iboss. The DLP part is quite crucial for this particular region. DLP, machine learning, artificial intelligence, and some algorithms can be built into the solution. There are certain pet algorithms for AI and machine learning which everybody is moving towards, so that needs to be added to the solution as well. View full review »
Stuart Hardy
Managing Director at Onesecure
The solution is a cloud service, so when you have Zscaler Internet Access, you still often require firewall appliances at the edge to act as gateways to Zscaler. There are certain elements that you can't necessarily ever extract at a network level, which makes it difficult to go completely appliance-less. You could see it as a downside, but if there's an unavoidable reality of how networking is addressed at this point, and I think that's the only thing that for us is unfortunate, having to always retain some type of alternate firewall or router capability inside the network in order to get to Zscaler, as an example. We've noticed a trend of Linux support being available at a mobile and workstation level, which isn't available from Zscaler yet, but we are expecting it soon. Zscaler also doesn't offer easy Cisco Meraki integration, which is also on the roadmap, even though we've seen it becoming very common. If we try and use Zscaler with Meraki, it's a fairly manual process to get Meraki to connect to Zscaler, whereas in all other SDware products, there's a lot more automation. The only other thing we would love to see in Africa would maybe be an additional Zscaler hub in another strategic location like Kenya to really round out Africa because there are only two hubs in over 30 countries on the continent. One is in South Africa and one is in Nigeria. Africa is kind of a black hole for all cloud providers, which makes life tough for us because there are performance issues when delivering cloud-related services. A little bit more penetration into Africa would help with this. View full review »
Learn what your peers think about Zscaler Internet Access. Get advice and tips from experienced pros sharing their opinions. Updated: December 2020.
455,536 professionals have used our research since 2012.
Gregor Burow
Channel Alliances Leader Germany at ALE
I don't know whether it's Zscaler or not, however, sometimes I can't access my time management. I need to wait and try again a few hours later. Typically, if I let some time pass, I can access it again. From time to time, there's instability in terms of the user experience. I don't know whether it's Zscaler or the time instrument server itself. I don't know the root cause here, that this is the only thing, that causes me issues. Otherwise, I'm quite happy with it. The solution should do more in regards to handling phishing emails. They maybe should pair with a solution like Palo Alto in order to offer a more holistic view of the security and offer behavioral analytics or endpoint protection, etc., and all from one vendor. Data Lake, for example, is a product that gets the information and gives feedback to the user. There seems to be a high volume of phishing emails that we get, and I'd like to understand what the company is doing to address that. Zscaler seems like it's just a bit too static. View full review »
Suren Rupnarrain
IT Manager at SiVEST
The reporting could be improved to make it a little bit easier. When it comes to individual users, I'd like to see easy reporting that can be shared with executives. Due to my technical background I don't have issues to understand the reporting. However, if I have to give a report to an executive to read, he may find it too confusing. He wants to see something simplistic that contains information like what the user's access time was, how long the user spent time on the site, which sites was visited, what they did etc. The current reports can, therefore, be somewhat improved and simplified. Another thing that I would like to see is if Zscaler could have a separate product for direct access. I looked at a private access solution, but I understand there's a separate product that isn't integrated with this. View full review »
IT Projects & Innovation Manager at a pharma/biotech company with 1,001-5,000 employees
The implementation process needs improvement. Even if you have implemented it, it doesn't mean that it is done, you have to pay for the service afterward. It's not a one-shot implementation, you need to spend some more effort on it afterward. It also needs better integration with other applications as well. There are some restrictions. I would like to see them incorporate a user ID or application ID in the next release of this solution. View full review »
Managing Partner with 1-10 employees
Zscaler should provide adjacent services, which would be complementary to their current offering that could to be more pragmatic for a customer. For example, if you take Akamai, you get multiple sets of services, all depending on the customer and the strategy and the complexity and the problems. In some areas, they are more varied in terms of coverage. For example, they also offer content delivery networks, which is complimentary, and for some customers that could solve two problems at once. By providing a wider range of services, Zscaler could reduce deployment risk and operational risk by being a one-stop-shop type of solution. In the next release, Zscaler should offer a content delivery network. View full review »
Paul Zalewski
Chief Technical Officer at Accountabilit
It needs better integration with other applications. It takes a fair amount of regular activity to apply the by-passes because it is very strict in its restrictions and frequently you have to go in and open things up to allow the workforce to work. The logs that are consumed by our security solution could be a bit more definitive, from an audit perspective. It's sometimes difficult to determine which end user a particular generated alert is associated with. View full review »
Network Engineer at a financial services firm with 5,001-10,000 employees
There are a few features that are not compatible with the Azure cloud. It's not fully compatible with our environment because of the way that it is divided into business units. In order to get it working properly, there are some things that we had to put in for enhancements. Otherwise, everything works well. View full review »
Learn what your peers think about Zscaler Internet Access. Get advice and tips from experienced pros sharing their opinions. Updated: December 2020.
455,536 professionals have used our research since 2012.