Zscaler Internet Access Reviews

It's primarily for end-user access to the public internet. We use the proxy functionality and the URL Filtering.

We have a global policy for all our users. While there are a few categories of URLs that we are not allowed to do SSL inspection on, the primary function for us is to do SSL inspection so that we can make use of the built-in anti-malware and antivirus—the advanced-threat features—within the platform. We do SSL inspection of some 80 percent of all the traffic and we can evaluate if it's malicious or not.

It is a cloud solution where pretty much everything is handled by Zscaler.

Zscaler has helped to reduce the time we spend managing security policies. That is very important to us. A lot of the features it has are AI-based decision-making. For instance, if we implement a sandboxing rule for how files of a certain type should be inspected, we also can activate the AI decision-making process. That way, even if a file is new to the sandboxing environment, it can still see that it is a PDF and has these and these characteristics. Based on that, the AI says that "No, this file is not malicious," even though it normally would have been quarantined and sandboxed and have gone through the whole analysis process. The AI helps out in minimizing the time to do that analysis. And that also helps in reducing the burden of someone actually having to do things manually.

If you count everything that was involved in managing the appliances, the lifecycle management, and support contracts, in our old environment, we have reduced the number of FTEs managing the environment from five or six to about two.

It has also definitely helped reduce the number of infected devices in our organization by proactively preventing attacks. Since we scan almost all of the traffic, we now see how much of the traffic is "malicious." In our environment, we block about 1.6 million threats every quarter, but we don't know the severity of those threats. Maybe 1 million of them are malicious content in some way, while half a million are adware. But there are real threats that are being blocked, like botnet callbacks, cross-site scripting, and browser exploits. On average, we are blocking about 500,000 threats per month. 

I utilize Zscaler Internet Access within my organization for secure web browsing and filtering traffic from websites. It serves as one of the main security elements by securing endpoints and facilitating secure Internet connections and website access.

The most valuable feature for me is the ability to see how my network and traffic looks with modules like analytics and insights. This provides a comprehensive view of the Internet connection usage and justifies the numbers related to cyberattacks. The SSL inspection also offers added security, facilitating the exchange of critical data.

Zscaler Internet Access is useful for role-based access control. In our company, we have different profiles for users, and based on the profiles, there are types of accesses that are allowed. For example, some are allowed to access social media, while some are not. It is based on their job titles, what their profiles are, and their job functions.

It is quite a valuable product for our company as we get visibility of our security posture, which is the tool's main advantage. Maintaining a consistent posture of internet security while getting rid of VPN and hovering into zero trust, are some of the areas that have been very helpful for our organization.

The product is majorly used by the IT side and is useful for pretty much all of the internet access from office, on-prem or off-site locations. As the remote workforce along with everyone else goes through the same policies, all are forced to use it in our company.

In terms of how Zscaler Internet Access has improved the area of secure web gateway management, I would say that rather than having multiple firewall tools and different types of proxies, it is better to have one platform to look at so that you can have a consistent view and visibility over what is happening across your user base, offices and it is especially helpful when you have to deal with IT and IoT kind of scenarios where you can look at specific requirements, specific exclusions, and allow IT and IoT to function in a consistent manner. The granularity of the policy, which is aligned to specific users and user groups, helps a lot in terms of giving our company wider visibility and raising the productivity of the users.

The SSL inspection capabilities of Zscaler Internet Access have had an impact on our company's security posture, especially since our organization installed its root security certificate. Most of the products have SSL inspection, but there are exceptions, such as banking or government sites, so there are some exclusions. Luckily, the tool works quite well, and our company gets to reduce the number of exceptions and make sure that pretty much all the connectivity or where the access goes through, specifically through where the secure access goes through, is inspected with the help of SSL inspection.

The product has helped save our company costs because you don't need a huge workforce. Rather than having multiple types of policies and firewall rules, the tool allows our company to be consistent across the company at the same time. You don't need a huge amount of people to maintain the policies in the tool. The tool reduces the number of devices required. For example, our company has around 80 locations, so we expect to have something like 160 firewall devices, along with 150 types of policies. Besides the aforementioned area, you plug everything into the cloud environment to reduce admin overhead and the cost of the solution and have better visibility.

Speaking about how the product handles network latency and user experience in remote locations, I would say that I have been using the product since 2010, and I have seen that it has improved a lot lately. With the tool, there are a lot of failover mechanisms you can use when one specific data center doesn't work well. The tool also has an automated switchover process. The tool has helped our company, and we haven't encountered any major latency issues.

We use Zscaler as a secure internet proxy. All of the traffic is filtered through it. We have about 3,000 users at the organization. 

All internet traffic goes through Zscaler, which protects the organization's IP, which isn't published publicly. Zscaler's cloud services filter and clear all traffic. 

Generally, we use the tool for SSE and ZTNA. We offer all the features for cloud security, zero-trust network access, or CASB. Depending on the requirements, we sometimes integrate it with SD-WAN so that we can offer SASE-based services.

The solution's most valuable features are its reliability and availability, measured by the number of ports it offers. Zscaler Internet Access and Zscaler Private Access are also good features of the product. For example, when it comes to the secure web gateway provided by Zscaler, I would say it is a very trustworthy area. The sandboxing or the DLP features can be provisioned on Zscaler, making it the value the tool offers to Zscaler Internet Access users. The tool has good reach across the globe. The number of PoPs the tool has is one of its USPs.

You can have mobile employees who forward traffic into a Zscaler client, or you could use a PAC file. So, if users connect at the beach, a hotel, coffee shop or something outside their actual office, it will give them protection.

You can use it with a secured Internet using a web gateway to deliver to the cloud.

The benefits of Zscaler Internet Access are the speed of the solution and never having performance issues or limitations. The fact that none of my end users are experiencing any threats, zero-day, bots, or malware says a lot about the solution. 

Zscaler Internet Access enables the inspection of traffic, including SSLs. You want to make sure that nothing is coming in through your HTTPS traffic. For anything that is coming in that might be a threat, you want to ensure that you are using a good proxy for that. There is malicious traffic out there, so you want to make sure you are tracking and viewing that. There are a lot of threats that come through as well as a lot of programming languages, so you definitely need to inspect traffic.

It is worth it. It works. I don't need multiple alerts, because it is set up with the right policies. Definitely, it is a beneficial device which doesn't always need constant monitoring. It inspects the encrypted traffic and verifies what threats are coming in. It intercepts incoming traffic and decrypts it, then reviews it. So, why have antivirus scanning or web filtering if Zscaler can do it? It protects me from man-in-the-middle attacks as well. When you use a firewall, you have alerts and false positives, but Zscaler Internet Access pretty much decreases those errors and alerts.

There isn't congestion on your network when you are inspecting traffic with Zscaler Internet Access. 

The product is an Internet proxy solution. We use it to manage our users' Internet access, making sure that they don't go to the wrong site. We also use it for data loss prevention.

The main benefit that we have seen is performance improvements based on not having to backhaul traffic and getting cloud services closer to the user.

It provides a modern, cloud-first model. It allows the users quick access to the cloud, depending on where they are in the world. We have users all over the world who access cloud services in their native regions. Previously, we had to backhaul the traffic to our data centers somewhere in the world, then go back to that region. Now, we don't have to do that. A user and data stays within that region. There is no latency there.

It allows us to inspect all our traffic, including SSLs. This is extremely important because most sites use SSLs nowadays. Putting non-SSL inspected data directly into the source would mean that there is a potential for data loss. 

Protecting our customers' data is our number one priority. The data loss prevention rules that we have in place make sure that there is nothing within the packets relevant to our customers. 

Primarily, it was to replace our existing on-premises box infrastructure. That's what it started with. And lately, we've been using it more for secure web gateway purposes.

It's primarily meant for perimeter security and the ability to securely access the internet and SaaS applications. So that has definitely helped us get rid of our bulky firewall hardware firewalls, at least for internet access. So that's a cost optimization. And performance. It definitely helps us boost performance.