The pricing for Private Access seems to be on the expensive side, and I believe they should consider making it more competitive with other solutions. Specifically, they could improve pricing by offering customizable packages that cater to each customer's specific needs.

Connectivity to voice-over IP (VoIP) solutions, both private and VoIP, is scheduled to be included in the upcoming week.

The area that requires improvement is their support. The current support is lacking. 

Other than that, once you have the right people on the phone, the product performs as advertised. However, multiple clients have complained about the support. 

We are getting some issues with internet access. Authenticating or onboarding something on Zscaler Private Access manually is a troublesome task. Users report application access or latency issues with Zscaler Private Access.

Zscaler Private Access does not currently offer the ability to assign static IP addresses, which are necessary for supporting telephony or backend communication. 

While Zscaler supports client-initiated connections, it does not support server-initiated connections. This is a feature that Zscaler may consider adding in the future.

Currently, we are using APIs, and we need some enhancement on the script running with the Zscaler SASE cloud API. Also, it would be better if we could integrate with other vendors. We often face performance and latency issues with Zscaler SASE.

There is some issue while accessing the portal. It takes too long. It will take longer if I am on the URL Cloud App category and switch to other tabs.

Zscaler Private Access's reporting is poor. We should have more insight into the reports regarding what is blocked and allowed.

Although it's good, the DX layer could be better if it had improved visibility. There is definitely scope to enhance that aspect. Some customers are looking for application connectivity over zero trust which is a concern for them. I believe it's in the Zscaler roadmap and we hope to see that in the near future. 

We would like to extend the SASE applications for Zscaler. We'd like to see more work in the area. In our understanding of it, SASE features are very helpful in extending to various other applications like CASB, DLP, et cetera, ensuring the network can be set up to be very agile. SASE adoption is a very prime focus for most customers due to its benefits.

Zscaler functions as a kind of proxy, but they lack responsiveness when it comes to customer requests. The granularity in blocking is not sufficient. For example, when a new domain is detected, it is automatically blocked for 30 days. If there is no further information, it is added to the trusted list. Attackers are aware of this and take advantage of it. They set up a benign site, get it categorized as safe, and then introduce malicious content afterward. Trying to get the categories reassigned or realigned is a challenge, as Zscaler is not very responsive in addressing such issues. In my experience, compared to BlueCoat, Zscaler falls short in terms of responsiveness.

It has a limitation, if you are creating a rule or something for a web application or something, you could only add five users, not more than that. Five or four users are only included in a rule. If you want to create a rule for more than five or four users, you have to go through other methods, not particularly with the application. Working within the application with this method would be quite easy as compared to listing a URL or a normal IP address.

We faced certain migration and implementation challenges in executing the tasks, so I would suggest improvement related to the stability of the solution. It would be beneficial to ensure a smooth transition with no to minimal interruption of the operation.

The stability could be improved.

Zscaler Private Access could improve by improving external access. If external parties want to access locally to my company's services, we need to onboard them into our domain, otherwise, it doesn't work. Additionally, if their company also has Zscaler Private Access, then it doesn't work. They need to log in with our domain ID, not their company ID.

More on-prem infrastructure is required when Zscaler Private Access is to be implemented as a single point of entry.

Since the whole concept of app segmentation is license based, making the app segmentation extremely granular becomes very expensive for an organization. As a result, not all organizations would adopt a granular approach for rolling out their Zscaler Private Access solution. So the entire approach must be seen differently, not the standard license-based approach. As an organization, if I want to make the access for my employees more granular, then it means that I will have to buy more licenses. Organizations with 10,000 to 20,000 applications, including their business partners also connecting to their applications, would need to invest a lot of money into making it granular. Okay. That kind of investment may not be viable for every organization to make, which could limit the use of Zscaler Private Access.

The management of the product has to be clearly defined or they will conflict. Sometimes you have to add bypass rules allowing specific websites access for internal purposes or for it to completely bypass altogether.  Make sure that it is the same teams who are managing the firewalls and the product. They should all be on the same team. If you have two teams managing it separately, you are going to run into a lot of problems.

The menu for the ZIA portal could be organized a little bit differently. The most-used modules should be at the top of the menus, not somewhere near the bottom, some of them are not organized well in my opinion.

To enhance their offering, it is advisable for them to focus on strengthening the foundation of their architecture. Additionally, they should consider integrating a broader range of services that go beyond what managed service providers typically offer independently.

There could be more DLP-related features. Additionally, there needs to be flexibility for integrating ISP features.

I’m not sure if any features are lacking. I’m mostly happy with it. That said, I’m not familiar with every area of the product. I need to study it a bit more.

Sometimes applications crash on some machines, and we’d like Zscaler to give us some information as to why that may have happened. We’d like more detailed reports.

We are supporting our supply-chain in India. Our connections through Zscaler have degraded drastically. Improvements are required in speed and bandwidth. 

The biggest disadvantage is there are no SCMP network layers available. The older network connection checks cannot be done because it's not included in the solution. 

We are programming our old solutions and they have not included support for legacy Windows. This is a huge disadvantage for me.

SCMP support would be one of the biggest improvements in my opinion. More speed improvements are also required. Very simple. 

If I need to monitor a third party supplier, if I have no SCMP, I cannot do the monitoring.

Some data may be cached if it is not available. This another important issue we have which needs to be improved, i.e. when the availability is not given the cache should not be used. 

At least we need Zscaler Private Access to make sure that the cache represents what is available to the users.

Zscaler Private Access needs to improve its collaboration with applications without compromising security. The solution needs to improve native security, seamless protection, and user experience. Users should be able to access the solution anytime, and it should be made easy to install and easy to understand.

Zscaler Private Access needs to improve its customization.

The reports can be made easier. The solution takes time to fetch reports in the Database section. Otherwise, the reporting module itself is well-designed.

Everything looks good in Zscaler Private Access, but the issue my team faced with it was the inability to find subscriptions on the portal. That caused some difficulties, so it would be better if the Zscaler team made it easier for people to find subscriptions on the portal, mainly information on what my customers subscribed to or the type of licenses purchased.

What could be improved in Zscaler Private Access is its notification. For example, if there's a speed issue, there should be a pop-up that alerts the user about it. If there is a network quality issue, for example, it isn't good enough to connect to, or the network quality is bad, there should be a notification from the solution.

Zscaler Private Access also needs improvement in terms of its interface and security.

So far, we are happy with the solution. I can't speak to any missing features. Based on the customer feedback, they're doing good. We don't see any negative point at this point in time.

An area for improvement would be the ease of configuration.

We'd like to have two-factor authentication that is quite simple.

This is a great solution, I'm just searching for an alternative because the costing or the commercials for this type of solution tends to be a little high, although we have been using it for a year already. We've found it to be more expensive than other products. However, we also know that unlike other VPN solutions, this one has many features that any organization would like to have. We're looking for an alternative product that offers similar services or features.

It has massive room for improvement. The Zscaler product itself is okay, but it doesn't give enough granularity for us as an organization to stipulate rules or processes, especially for data-driven services. For instance, we can stick on SSL inspection, but it's just a click box. It doesn't allow us to go any further into the detail of the SSL inspection. We also can't pull it out without having an additional logging server. It just doesn't give us enough granularity. 

They should give us more control over the interfaces because it is all backend. They weren't very open to discussing their backend architecture with us in terms of their own data centers. They can maybe a little bit more open about what components are there and how the backend infrastructure works alongside Zscaler.

Its licensing can be better. Some of the additional licensing costs are quite high, and they should have certain features ready and available as a baseline rather than having to purchase additional licenses for it. 

Their support should also be improved. I initially had a consultant from Zscaler for its deployment, but the support that I had throughout the deployment of the project wasn't the best.

There is improvement in enhancing proper manageability, policies, and logs. So, log management could be improved.

Moreover, I'd just like to see an improvement in stability.

Due to the fact that it's a multi-tenant hosted environment, it should be noted that other solutions, like Palo Alto, are single-tenant solutions. It's the customer that's hosting it, it's a single tenant. Zscaler hosts a SaaS solution and a multi-tenant, not a single-tenant environment. It would be nice if they offered that as well. This is where probably Zscaler can differentiate itself.

There are latency issues with the solution. They are small, however, they are there when you compare it to other vendors. These things only come up when you're talking to enterprise customers who are really looking at those things. For smaller to mid-sized customers, Zscaler makes more sense. These things make it cheaper and more efficient, as well, for Zscaler. 

The interface needs a bit of work. It could be a little more streamlined and more intuitive.