If you were talking to someone whose organization is considering Zscaler Internet Access, what would you say?
How would you rate it and why? Any other tips or advice?
I'm currently consulting clients, and have worked with this solution extensively in the past. Most of my clients are moving from a private cloud to a hybrid cloud deployment model. The way Zscaler has shaped their product is very good. Now they need to expand the coverage and to have a more global service. For mid-players and sometimes top-players, multiplying the numbers of providers to build an integrated solution is a complex endeavor. If Zscaler expanded their services, that would remove some complexity, I would rate the solution seven out of ten.
With MSS service providers, they prefer to have an on-prem OPEX-based deployment model. Like telecom providers or data center service providers, they buy the service and roll it out to customers or sell it to their own customers for a monthly fee. We have a mix of clients who prefer to have private clouds and hybrid models. There is competition, with, for example, iboss and Fortinet in the region. iboss is hardware-free but the company is young and still growing. It's not there yet. Zscaler, however, the way they have matured the market and have become a mature model, makes them preferred over other vendors or other brands. In terms of implementing Zscaler, it's quite straightforward, but even having a straightforward technology like Zscaler requires a consultative approach of which are the critical areas where the service needs to be deployed first. That needs to be studied as per the cybersecurity guidelines so that the right protocols are implemented. I would rate the solution seven out of ten. They still have some features to integrate. The solution is still evolving.
We use the ZIA Business Suite, a version of Zscaler Internet Access. We use the public cloud deployment model. The solution is very straightforward. That's what we like about the cloud - all the capabilities that are there, and that are available immediately. There are things customers really have to have before they integrate the Zscaler. They need to understand ADFS and have it integrated properly into their own network. As long as the customers that you work with do the work required of them before integrating Zscaler, then it's seamless. The problems we encounter happen when customers don't get to the point they need to in order to take it on as a product. I would rate the solution nine out of ten.
Check if a product like this makes sense for you. And look at the specifics: what you need in terms of security and what features you would like to have in it. Zscaler is one solution. It's a good solution, but it doesn't do everything. First of all, analyze a few solutions and make a demo. Without a demo, I do not recommend moving forward, because any security solution comes with a price. There is also the financial price, to know if that is okay for your company. Usually Zscaler works best for companies that have users that do not stay in an office. They have road warriors. I would recommend it for companies that have a lot of users moving from here to there. I would rate Zscaler as eight out of ten. It's not an ideal solution, one of the things is that I do not have my IP fully inside it. For example, you have countries where they don't have a lot of presence and then sometimes they go to another country where they have a presence or data center. When you come back to the other country, and you have to open a fiber, it can be geographically restrictive. I find my country and am going through by neighborhood. When I come back to my country, I cannot see it because I'm geographically restricted. I'm not part of that country, so that's one reason Zscaler isn't ideal.
It was also one of four other products I believe but the Zscaler I can say that for bandwidth control, it is good, so we are not using at the moment data loss prevention feature so I cannot comment on that, but I believe, when you use Zscaler, you are not protected from all malware and malicious attacks, so you may need another tool just to cover these gaps. Zscaler is not enough for advanced protection. You need an additional tool. Bandwidth control, reporting, and visibility are good but the cloud-based and the advanced protection aren't so great so I would give it a six out of ten.
My advice to other users would be to determine if the reporting meets their requirements. They should get their whitelists, blacklists, groups and active directory set up properly before trying to implement it because it has a very strong integration with the active directory. Therefore, if you have your active directory well set up, you can classify your users and create groups as to who can go where and who can do what on the internet. If I have to rate this product, I will give it a nine out of ten - simply because I never give anything a ten.
Pay attention to the Zscaler recommended best practices. Don't try to figure it out on your own. Go with what they say to do. I would rate it an eight out of ten.
The solution's great, but you have to put it into context because of the pricing and the way it basically protects the device from anywhere. It is really more meant from highly distributed organizations, for organizations that have a lot of work from home and those with road warrior workers. That's what it is designed for.