We just raised a $30M Series A: Read our story

Zscaler Internet Access OverviewUNIXBusinessApplication

Zscaler Internet Access is #2 ranked solution in top Web Security Gateways and top Internet Security tools. IT Central Station users give Zscaler Internet Access an average rating of 8 out of 10. Zscaler Internet Access is most commonly compared to Cisco Umbrella:Zscaler Internet Access vs Cisco Umbrella. Zscaler Internet Access is popular among the large enterprise segment, accounting for 73% of users researching this solution on IT Central Station. The top industry researching this solution are professionals from a computer software company, accounting for 28% of all views.
What is Zscaler Internet Access?

Zscaler Web Security provides unmatched security, visibility and control, going beyond the basics of web content filtering. Delivered in the cloud, Zscaler includes award-winning web security integrated with our robust network security platform that features advanced threat protection, real-time analytics and forensics. You'll get protection across every user, location and device, including laptops, smartphones, tablets and Internet of Things devices.

For more details: 
https://www.zscaler.com/produc...

Zscaler Internet Access was previously known as ZIA.

Zscaler Internet Access Buyer's Guide

Download the Zscaler Internet Access Buyer's Guide including reviews and more. Updated: November 2021

Zscaler Internet Access Customers

Ulster-Greene ARC, BanRegio, HDFC, Ralcorp Holdings Inc., British American Tobacco, Med America Billing Services Inc., Lanco Group, Aquafil, Telefonica, Swisscom, Brigade Group

Zscaler Internet Access Video

Pricing Advice

What users are saying about Zscaler Internet Access pricing:
  • "The pricing is fair based on its competitive market."

Zscaler Internet Access Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
MA
Service Manager at a construction company with 10,001+ employees
Real User
Top 20
AI decision-making on quarantined documents reduces manual work

Pros and Cons

  • "For our needs, the cloud-native proxy architecture is a very good solution. We are moving away from on-prem appliances and moving more toward cloud-based solutions. Zscaler is a good fit for our strategy. This architecture helps with cyber threats because we inspect most of the traffic and we can see that a lot of threats are stopped directly in the secure web gateway."
  • "The reporting functionality could be a bit easier to use. There is a reporting function, but it's quite hard to do any good reporting, from a user-management perspective. For example, if a department manager wants to know how his department is using the web, there is a way to get the data, but it's quite cumbersome to get it and show it well. And that's true for comparing between departments."

What is our primary use case?

It's primarily for end-user access to the public internet. We use the proxy functionality and the URL Filtering.

We have a global policy for all our users. While there are a few categories of URLs that we are not allowed to do SSL inspection on, the primary function for us is to do SSL inspection so that we can make use of the built-in anti-malware and antivirus—the advanced-threat features—within the platform. We do SSL inspection of some 80 percent of all the traffic and we can evaluate if it's malicious or not.

It is a cloud solution where pretty much everything is handled by Zscaler.

How has it helped my organization?

Zscaler has helped to reduce the time we spend managing security policies. That is very important to us. A lot of the features it has are AI-based decision-making. For instance, if we implement a sandboxing rule for how files of a certain type should be inspected, we also can activate the AI decision-making process. That way, even if a file is new to the sandboxing environment, it can still see that it is a PDF and has these and these characteristics. Based on that, the AI says that "No, this file is not malicious," even though it normally would have been quarantined and sandboxed and have gone through the whole analysis process. The AI helps out in minimizing the time to do that analysis. And that also helps in reducing the burden of someone actually having to do things manually.

If you count everything that was involved in managing the appliances, the lifecycle management, and support contracts, in our old environment, we have reduced the number of FTEs managing the environment from five or six to about two.

It has also definitely helped reduce the number of infected devices in our organization by proactively preventing attacks. Since we scan almost all of the traffic, we now see how much of the traffic is "malicious." In our environment, we block about 1.6 million threats every quarter, but we don't know the severity of those threats. Maybe 1 million of them are malicious content in some way, while half a million are adware. But there are real threats that are being blocked, like botnet callbacks, cross-site scripting, and browser exploits. On average, we are blocking about 500,000 threats per month. 

What is most valuable?

There are a bunch of different capabilities that are valuable within the platform. We use quite a lot of them, but not everything. The ones that are most important to us are the URL Filtering and the application control. 

For our needs, the cloud-native proxy architecture is a very good solution. We are moving away from on-prem appliances and moving more toward cloud-based solutions. Zscaler is a good fit for our strategy. This architecture helps with cyber threats because we inspect most of the traffic and we can see that a lot of threats are stopped directly in the secure web gateway. But there are parts of it that we don't use yet, like the DLP functions. Instead, we are using the Zscaler Cloud Sandbox feature for content that is downloaded as files. We detonate the document in a sandbox and see if it's malicious or not.

It's a very easy-to-learn and easy-to-use platform, even for me as a more non-technical person. I'm still able to do a lot of work in this platform.

What needs improvement?

The reporting functionality could be a bit easier to use. There is a reporting function, but it's quite hard to do any good reporting, from a user-management perspective. For example, if a department manager wants to know how his department is using the web, there is a way to get the data, but it's quite cumbersome to get it and show it well. And that's true for comparing between departments. It's quite hard to get a good report. 

Another issue is that the API documentation could be a bit more up-to-date. They're implementing stuff, but not updating the documentation all the time.

For how long have I used the solution?

We have been using Zscaler Internet Access for the last five years.

What do I think about the stability of the solution?

Since we have global reach, we are seeing a bit more instability in Asia, primarily in China, but I'm not sure that it's related to Zscaler. I think it's more due to how China does things in terms of internet access.

What do I think about the scalability of the solution?

It scales very well, if you go for the cloud-based solution alone. In certain regions in the world, we have started to implement local appliances, like a VEN node, where we don't have good coverage from Zscaler's public data centers. But if you only use the public data centers, it's getting a lot better. A while back, there were 35 or 40 data centers that we could use globally, but now there are over 80. So the scalability is quite good for us.

How are customer service and support?

Zscaler's technical support team is good at what they do, and they help us fix our problems quite fast. I would rate them eight on a scale of one to 10. There's always room for improvement.

We have had issues from time to time where they don't really see our problem as a problem, but we, as a customer, are being affected. They have a few different ISPs that take care of traffic to and from their data centers, and when their ISP is not performing, we, as customers, are suffering. There have been occasions when we have seen that our traffic is being routed very strangely within the Zscaler network, but they don't see that as a problem. We do, because all of a sudden, all of our Swedish users are going to the data center in Norway instead of Sweden. For Zscaler that is not a problem because they are still doing their job. But for our users, it's complicated because Norway is not part of the European Union, whereas Sweden is. If they go through the VEN node in Oslo, Norway, we cannot reach stuff that is EU-regulated, such as export and import functions within the EU. That is a big part of what we do. At times, it has been hard to get the Zscaler TAC team to understand that this is a problem for us, as a company.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We used to have an on-prem solution doing pretty much the same thing as Zscaler, but as our strategy is cloud-first and internet-first, we thought that we should also use a cloud-based solution. We started to look at the alternatives, five or six years ago. What we saw was that there was only one, at the time, that was mature enough for our needs.

Since then, Zscaler has evolved quite a lot. In the beginning, there was no Zscaler Client Connector, an agent on your computer. It was all cloud-based, but that changed about a half a year after we started to use Zscaler. We assessed whether Zscaler fit our needs or not and we saw that for 75 or 80 percent of our needs, it was a good fit. Some aspects were not mature back then but they have matured over time.

How was the initial setup?

The initial deployment was quite straightforward. I wasn't really on board at the time the implementation of Zscaler took place, but overall, when new features and functionalities are added to the product, it's quite straightforward to implement them and to roll them out to large user groups, or globally. From a rollout perspective, it's quite easy to use.

Initially, one of our demands was that everything should be cloud-based, meaning we shouldn't have any agents on each computer. We learned the hard way that such an approach doesn't work well, because you need something to control the path from the user's computer to the Zscaler cloud. You need to be able to steer how the traffic goes. You can do that with PAC files. But ultimately, together with Zscaler, we figured out that a client was needed, at least for our needs.

What was our ROI?

Zscaler has helped us save costs by enabling us to decommission all of our legacy proxies. We had at least nine locations with appliances, and we had multiple appliances per location. It has helped us save money.

We have also seen ROI in terms of the cost of both the lifecycle management and the service and support contract that we previously needed. We have saved quite a lot there. I don't know the exact numbers, because I'm not in charge of the finances, but if you count the resources needed to manage the platform, we have saved up to 45 or 50 percent of the cost we used to have.

Which other solutions did I evaluate?

Back then, there weren't many other cloud-based solutions available. There were hybrid models, but we wanted a completely cloud-based solution. 

At the time, Symantec had the beginning of a cloud-based solution, but it was very immature and it didn't work as well as Zscaler. Zscaler had been around since around 2010 and was five years into their journey, while Symantec was only a year or two into their journey. We opted for the most mature at that time.

Since then, we have looked at other solutions, including Netskope and a few others. They are similar in their design, but Zscaler has features in its design that make it stand out from the competitors. For instance, their scanning methodology is something like, "Scan once, analyze many times." That means there is a one-time scan of the traffic, but with multiple different threat engines, for antivirus and anti-malware, et cetera. And they do it only in the RAM memory of their cloud solution machines, which makes it super-fast. They can scan a lot of traffic in a very short amount of time. That part is something that a lot of other vendors are not doing. They're scanning in sequence, not in parallel.

What other advice do I have?

Make use of the Zscaler Client Connector as much as you can, with all of the functionality that comes with it. Also, do not allow the users to disable the Zscaler Client Connector, because then you don't know if traffic is actually going through Zscaler or not. If it's always on, you know that if something is not working, it's your policies that are doing something to the traffic. We used to make it possible for a user to disable the Zscaler Client Connector, which then made it impossible for us, as the team that troubleshoots problems, to know if the traffic was actually going through Zscaler or not. If you don't have that control, you don't know where the problem is. Now, at least we know that it's either on the client or it's on Zscaler or it's on the destination that they're trying to reach.

As for saving time with this system versus deploying and managing traditional network security hardware, it depends on how you build your management of the solution. We have opted for a solution where we manage everything centrally. We have one IT team that manages all of the Zscaler Internet Access policies and settings. But there is an option, and it's one of the strengths of Zscaler, to delegate control of parts or all of the solution to other teams. For instance, you could have URL Filtering policies that are managed by a local IT team in a given country. We don't do that. We manage everything from one team and we control everything, for our whole organization, from this management platform. We control the forwarding policies, the application access policies, the URL Filtering policies—pretty much everything.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
ON
Security Architect at Claro Enterprise Solutions
Real User
Top 5Leaderboard
Inspects all your traffic so you don't get compromised

Pros and Cons

  • "Zscaler Internet Access protects using data loss prevention. If you have a CASB exposing your cloud out into the network, then Zscaler Internet Access will go ahead and control that unknown cloud application in the CASB, protecting it. There is also data detection with exact data match. This improves the data coming into your cloud so you are protecting it."
  • "An improvement would be if they could provide an out-of-the-box experience, like 20 to 30 features all ready to go. In comparison, LogRhythm offers out-of-the-box features. With Zscaler Internet Access, there is firewall IPS, multiple security services, filtering, DLP, and CASB browser isolation. These are things that all users are going to be using. However, when an administrator or architect would start building this, I would definitely need to engage professional services to help clients do it."

What is our primary use case?

You can have mobile employees who forward traffic into a Zscaler client, or you could use a PAC file. So, if users connect at the beach, a hotel, coffee shop or something outside their actual office, it will give them protection.

You can use it with a secured Internet using a web gateway to deliver to the cloud.

How has it helped my organization?

The benefits of Zscaler Internet Access are the speed of the solution and never having performance issues or limitations. The fact that none of my end users are experiencing any threats, zero-day, bots, or malware says a lot about the solution. 

Zscaler Internet Access enables the inspection of traffic, including SSLs. You want to make sure that nothing is coming in through your HTTPS traffic. For anything that is coming in that might be a threat, you want to ensure that you are using a good proxy for that. There is malicious traffic out there, so you want to make sure you are tracking and viewing that. There are a lot of threats that come through as well as a lot of programming languages, so you definitely need to inspect traffic.

It is worth it. It works. I don't need multiple alerts, because it is set up with the right policies. Definitely, it is a beneficial device which doesn't always need constant monitoring. It inspects the encrypted traffic and verifies what threats are coming in. It intercepts incoming traffic and decrypts it, then reviews it. So, why have antivirus scanning or web filtering if Zscaler can do it? It protects me from man-in-the-middle attacks as well. When you use a firewall, you have alerts and false positives, but Zscaler Internet Access pretty much decreases those errors and alerts.

There isn't congestion on your network when you are inspecting traffic with Zscaler Internet Access. 

What is most valuable?

  • The integration of the gateway that inspects all ports and protocols. So, there is threat prevention. 
  • The cloud sandbox
  • VNS security
  • Access control that will protect URL filtering and the cloud firewall. 
  • Data protection that will protect your gateway, like your CASB or your cloud DLP. The capabilities of this will point your traffic to Zscaler Cloud.

The proxy architecture is the way to go. Zscaler uses it to protect their applications on the cloud. So, if you are using Box, Office 365, or even have an end user using LinkedIn or YouTube, then it will give you updated threat updates. It will also inspect all your traffic so you don't get compromised.

Advanced Threat Protection on Zscaler Internet Access has a few functionalities. It has ways to find threats. So, if they are actually hiding, you could do an inspection of your SSL traffic. You also have DNS security in Zscaler Internet Access that will help you route suspicious command-and-control attacks as well as detect threats when it does a full inspection. 

Zscaler Internet Access protects using data loss prevention. If you have a CASB exposing your cloud out into the network, then Zscaler Internet Access will go ahead and control that unknown cloud application in the CASB, protecting it. There is also data detection with exact data match. This improves the data coming into your cloud so you are protecting it. 

It offers a Cloud Browser Isolation feature, which exfiltrates browser activities from the end user's device. This feature can eliminate our exposures on that.

I like its features because they help me eliminate firewalls. I don't need to have firewalls, SIEMs, or an IPS/IDS. So, if all my end users are remote and using Office 365, I am already protecting them because they are in the cloud. I just have to attach the security application, which makes sure that any user who is mobile or remote is protected, without spending money on other solutions.

What needs improvement?

I wish there were a lot less products to learn, because there are a lot. They just keep surprising me with new features, even in the SaaS arena, and they keep improving in every facet. We are Zscaler partners, so I got certified in two platforms, but there is a lot room for improvement. There is just too much training, where they focus a lot on protecting the Internet as everyone is moving to the cloud. I would love for the training to be shortened.

For how long have I used the solution?

I have been exposed to it for a year.

What do I think about the stability of the solution?

My clients have never really called to tell me that stability has been an issue. Feedback has always been positive. 

What do I think about the scalability of the solution?

It is a scalable solution. It is easy to scale and secure remote users. If a company hires 100 more people, I don't think it would be a problem.

The largest environment, which I reviewed, had 2000 employees.

How are customer service and support?

I would rate their professional services or technical support as five out of five based on their experience and expertise. They know how to answer all my client's problems. They are really quick to trigger and understand the client's needs as well as be very supportive. They do very well when helping their clients.

How would you rate customer service and support?

Positive

How was the initial setup?

What I have seen when I am doing PoCs is you need some perimeters to start building this platform and integrating policies from day one. 

An improvement would be if they could provide an out-of-the-box experience, like 20 to 30 features all ready to go. In comparison, LogRhythm offers out-of-the-box features. With Zscaler Internet Access, there is firewall IPS, multiple security services, filtering, DLP, and CASB browser isolation. These are things that all users are going to be using. However, when an administrator or architect would start building this, I would definitely need to engage professional services to help clients do it.

Every customer is different. On average, it could be a two-week deployment. If you are using other devices, like Fortinet SD-WAN deployment, you definitely have to make sure your configured IPsecs are correct. You might have to review policies and your SD-WAN roles. You need to do a lot of cleaning up before you start deploying.

What about the implementation team?

We have a client who wants to start deploying the Cloud Browser Isolation feature. You can embrace this cloud platform using IPAC Files, which is just a clean way of deploying it.

I have personally worked for other vendors doing professional services as part of a professional services team. Every client decided to purchase professional services because deploying Zcaler Internet Access is too complex.

What was our ROI?

I am saving money right now because I am not using old technology, like when we had everything on-premise and in the data center. Now, I just have to direct my end users to the Zscaler file and make sure that they are connected and secure. So, I am eliminating the total cost of ownership and the headaches of on-premise devices. I am also reducing their risk by making sure that they are protected in real-time.

When I talk to clients, they mention that there is a return of investment from improving the real-time protection. There is no need anymore to buy: 

  • An antivirus
  • A third-party vendor to protect your DNS, like Cloudflare. 
  • Check Point SandBlast 
  • Symantec DLP, Forcepoint, or Netskope since you already have DLP protection. 
  • LogRhythm or Splunk for logging.

Those are the benefits. I have a lot of clients explaining this to me that this is the reason to have this solution. Zscaler Internet Access is transforming all that for web traffic security.

What's my experience with pricing, setup cost, and licensing?

The pricing is fair based on its competitive market.

Which other solutions did I evaluate?

Palo Alto's vulnerability assessment requires an on-prem solution to work with your cloud. Zscaler Internet Access has already been bundled up to provide no-hassle, free Internet network connectivity that ensures protection. When you are using Palo Alto and want to assess vulnerability in your network, you probably need to use on-prem and cloud workloads. There is no reason to do that with Zscaler Internet Access.

Zscaler Internet Access has ease of development, like minimal setups needed for connectivity. You can continue securing protection, allowing your remote users to have access to your applications. Then, it is pretty quick to set up for Zscaler Internet Access. Some companies don't have many tools, so there are no delays there. When it comes to LogRhythm, there are a lot of things that you have to deal with. You have to deal with your log server as well as setting up your authentication server, firewalls, policies, rules, and zones, then you need to get it running and customize it based on your company's needs. Because LogRhythm has 30-plus features ready to go, it can be easier and smoother to deploy. However, there will always be a couple things where you have to do some preliminary requirements before you continue.

What other advice do I have?

Overall, it is a secure platform.

I actually interviewed with Zscaler to work with them because I have been impressed with their technology overall, especially over Palo Alto Networks technology who is their competitor and has a SaaS solution as well. From the top to bottom, Zscaler Internet Access is a great security product that protects my end users and remote users in the cloud.

If you want total cost of ownership and zero-trust architecture, Zscaler is the right solution to fit the needs of any environment.

I would rate the solution as 10 out of 10.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
Learn what your peers think about Zscaler Internet Access. Get advice and tips from experienced pros sharing their opinions. Updated: November 2021.
554,529 professionals have used our research since 2012.
DC
Global Information Security Architect at a engineering company with 10,001+ employees
Real User
Centralized firewall that protects the whole topography

Pros and Cons

  • "The scanning feature is impressive, because they do not introduce a big latency to the traffic."
  • "I would like to see the ability to choose a pool of IPs for my company, set up rules based on them, and know that those IPs are not used by other companies."

What is our primary use case?

We use it for security. We installed it on our work computers and also for other traffic from the office. We are using it for perimeter security and that is useful for us.

How has it helped my organization?

I will give you an example. Before implementing a computer scan on all PCs, our main problem was when we received a phish or something like it. It was impossible for us to tell if it was people from inside or outside our organization that clicked on it. If people that were inside our organization had different appliances for checking the traffic, you had to connect each appliance and get the receipt from that URL. It was a little bit complicated. With the scanner, for example, if somebody clicks on a bad URL you just add that to the reporting part and in a matter of minutes it generates a report, where you can see exactly who clicked on that link and who did something before you got a chance to block that malicious URL. That is the first benefit that comes to my mind and I think it was a huge improvement in our site. Having a centralized firewall that protects the whole topography is quite awesome when you also have users that are not on the plan because it actually improves visibility of those users.

What is most valuable?

I cannot say that I found only one feature that is most valuable, but I can tell you that I find value in traffic scanning and samples. That I think is quite valuable for all their software. The scanning feature is impressive, because they do not introduce a big latency to the traffic. I really like how they manage this part.

What needs improvement?

On the technical side, the only thing that I believe this scanner can improve is in the way they allocate traffic. For example, a big site doesn't have the ability to have its IPs inside the cloud, so Zscaler doesn't allocate you certain IPs for traffic. Your traffic goes to the nearest Zscaler point, and from there you get an IP. Sometimes that is problematic, because your users use the same IPs that another client is using so you don't get the ability to do some rules using some IPs. For example, you cannot use conditional access to high influence IP. You can't say if somebody goes to Zscaler I know that traffic is secure so I can let them past. In this scenario you cannot do this, because Zscaler is using a pool of IPs and they'll circle them for all the clients. I would like to see the ability to choose a pool of IPs for my company, set up rules based on them, and know that those IPs are not used by other companies.

For how long have I used the solution?

We've been using Zscaler for 4 years.

What do I think about the stability of the solution?

The product is mature. I can't say it's not stable. It's been there for a while now and it proves that it can do the job according to what they say they do. I cannot say that they are not doing the best of what they think they should do. So at this point, they have a mature product and are working quite okay.

What do I think about the scalability of the solution?

There are no issues there. The number of users doesn't matter, whether you have 100 users or 2,000 users. The only impact you'll have is on financial side. For 100 users you will pay differently than 10,000 users, so I don't think you have an issue on this side.

All our users have libraries on their computers. So if they have a device from the company, they have Zscaler on it. I think we have about 3,000 users in my company.

We have one or two people on maintenance from the global networking team. You don't need to do something special, it just works. The only thing we need to do is check daily if there are any threats, as well as to verify the US dollar and stuff like that. In terms of maintaining it, doing something to make it work, you don't have to worry about that. It's a cloud provided solution. The only thing that you have to concentrate upon is the business side. You have to see how your business is affected, what type of traffic you have in there, and check security threats on your site. That's it. The product by itself is run by the Zscaler team and they do a good job. We do not have maintenance debts. The only incidence that I remember is last month they were blocking our site or something , but that was solved quickly with support from Zscaler.

How are customer service and technical support?

I did not get any experience directly, I got some instance of indirect support. I asked networking for something and they work directly with the support. My impression was that they responded quickly, relatively speaking. I don't know exactly how it works on the other side, but my impression indirectly was that they offer quick support.

Which solution did I use previously and why did I switch?

no cloud solution and we had to route back to office the road warriors trafic 

How was the initial setup?

From what I discussed with my colleagues from the network that we were working with, it wasn't a difficult process. I cannot tell you how long it took.

Which other solutions did I evaluate?

We didn't have a similar solution. We had a solution, but we didn't have something cloud-based as a security solution, so I would say we did not use any cloud security-based system.

What other advice do I have?

Check if a product like this makes sense for you. And look at the specifics: what you need in terms of security and what features you would like to have in it. Zscaler is one solution. It's a good solution, but it doesn't do everything. First of all, analyze a few solutions and make a demo. Without a demo, I do not recommend moving forward, because any security solution comes with a price. There is also the financial price, to know if that is okay for your company. Usually Zscaler works best for companies that have users that do not stay in an office. They have road warriors. I would recommend it for companies that have a lot of users moving from here to there.

I would rate Zscaler as eight out of ten. It's not an ideal solution, one of the things is that I do not have my IP fully inside it. For example, you have countries where they don't have a lot of presence and then sometimes they go to another country where they have a presence or data center. When you come back to the other country, and you have to open a fiber, it can be geographically restrictive. I find my country and am going through by neighborhood. When I come back to my country, I cannot see it because I'm geographically restricted. I'm not part of that country, so that's one reason Zscaler isn't ideal.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Gregor Burow
Channel Alliances Leader Germany at ALE
Real User
Top 20
A stable solution with good security but needs to do more to address phishing emails

Pros and Cons

  • "The security is excellent."
  • "I don't know whether it's Zscaler or not, however, sometimes I can't access my time management. I need to wait and try again a few hours later. Typically, if I let some time pass, I can access it again."

What is our primary use case?

The product is an endpoint solution for private and internet security. I use it myself in my home office. I'm in sales. I use it as an endpoint solution for my laptop, for my device, in order to get access to some internal service applications, such as pricing and time management tools.

What is most valuable?

Zscaler is a very stable solution.

The security is excellent.

What needs improvement?

I don't know whether it's Zscaler or not, however, sometimes I can't access my time management. I need to wait and try again a few hours later. Typically, if I let some time pass, I can access it again.

From time to time, there's instability in terms of the user experience. I don't know whether it's Zscaler or the time instrument server itself. I don't know the root cause here, that this is the only thing, that causes me issues. Otherwise, I'm quite happy with it.

The solution should do more in regards to handling phishing emails. They maybe should pair with a solution like Palo Alto in order to offer a more holistic view of the security and offer behavioral analytics or endpoint protection, etc., and all from one vendor. Data Lake, for example, is a product that gets the information and gives feedback to the user. There seems to be a high volume of phishing emails that we get, and I'd like to understand what the company is doing to address that. Zscaler seems like it's just a bit too static.

For how long have I used the solution?

I've been using the solution for four years.

What do I think about the stability of the solution?

Aside from issues I've had accessing time management from time to time, it seems to be a stable solution.

What do I think about the scalability of the solution?

The question of scalability would be best posed to our CSO. However, my whole team uses it. It's been scaled in our organization to a very small extent. In that sense, it was easy to scale. 

I don't know the maximum capacity, however, it's my understanding that the solution is suitable for organizations like us with about 3,000 employees.

How are customer service and technical support?

We have our own technical support. I've never directly contacted Zscaler in order to get assistance.

I purely go to our first level of support. Any issues I've ever had have been solved on the first or second level. It's my understanding, that if the issue exceeds a certain level of support, it would be forwarded to Zscaler. However, I've never had issues of that nature. The only issues I've dealt with have been rather easy to solve.

Which solution did I use previously and why did I switch?

We were previously using Pulse Secure in our organization. I needed to switch it on and off. On top of that, certain applications I could not reach. This was slow and proved to be unstable.

Zscaler, on the other hand, is more stable and also more secure.

How was the initial setup?

The initial setup was straightforward. It wasn't complex at all.

My understanding was that the deployment itself happened pretty quickly.

There was an announcement from our security, and by our CSO. Then it was rolled out and Pulse Secure was turned off. There was a migration phase in the project and that's it. It all happened rather fast.

What's my experience with pricing, setup cost, and licensing?

I don't handle billing or payments and therefore don't know the exact pricing of the solution of what exactly our organization pays.

Which other solutions did I evaluate?

I wasn't involved in the decision-making process when it came to looking for a solution.

What other advice do I have?

We're just a customer.

I would recommend other users also have a glance at other solutions. Options like Prisma Access by Palo Alto or Check Point may be ideal, depending on the needs of the business.

Zscaler seems easy to understand and easy to use, however, there is probably some room for improvements. At my former company, we were using Check Point. This was also pretty good. Zscaler seems more modern, however, I'm referencing an experience from some 10 years ago.

Overall, I would rate the solution seven out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
HM
Network Engineer at a financial services firm with 5,001-10,000 employees
Real User
Good VPN technology and scales with our requirements

Pros and Cons

  • "The VPN is valuable, as the whole technology is very different from a traditional VPN."
  • "There are a few features that are not compatible with the Azure cloud."

What is our primary use case?

We use Zscaler for VPN connections and for internet security.

What is most valuable?

The internet security that it provides is valuable.

The VPN is valuable, as the whole technology is very different from a traditional VPN.

What needs improvement?

There are a few features that are not compatible with the Azure cloud.

It's not fully compatible with our environment because of the way that it is divided into business units. In order to get it working properly, there are some things that we had to put in for enhancements. Otherwise, everything works well.

For how long have I used the solution?

We have been using Zscaler Internet Access for about a year.

What do I think about the stability of the solution?

It is a stable solution, although once or twice, we had issues with latency and slowness. Other than on these occasions, it has been fine.

What do I think about the scalability of the solution?

Scalability-wise, everything is good. We have approximately 3,000 users and we do plan to increase usage. Ultimately, we want to include everyone, which is about 10,000 users.

How are customer service and technical support?

We have been in contact with technical support and they are very responsive. They also have TAM support, which means that we have a dedicated engineer to look into our issues. That is nice to have.

Which solution did I use previously and why did I switch?

I have used Cisco Umbrella in the past, which is similar. However, there are definitely differences between these two solutions. Cisco Umbrella is a DNS-based web filtering solution, whereas Zscaler is a cloud-based web application firewall combined with a regular firewall, antivirus, IPS, and other security features.

How was the initial setup?

The initial setup is straightforward and the deployment took place over a couple of days.

What about the implementation team?

We used Zscaler Professional Services for the deployment.

What other advice do I have?

In summary, this is a good product and I completely recommend it.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Zscaler Internet Access Report and get advice and tips from experienced pros sharing their opinions.