Try our new research platform with insights from 80,000+ expert users

Menlo Secure vs Zscaler Internet Access comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 4, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

iboss
Sponsored
Ranking in Secure Web Gateways (SWG)
10th
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
15
Ranking in other categories
Internet Security (4th), Web Content Filtering (3rd), Cloud Access Security Brokers (CASB) (8th), ZTNA as a Service (11th), Secure Access Service Edge (SASE) (10th)
Menlo Secure
Ranking in Secure Web Gateways (SWG)
31st
Average Rating
9.2
Reviews Sentiment
6.9
Number of Reviews
4
Ranking in other categories
Firewalls (51st), ZTNA (27th), Cloud Security Remediation (7th)
Zscaler Internet Access
Ranking in Secure Web Gateways (SWG)
2nd
Average Rating
8.2
Reviews Sentiment
7.0
Number of Reviews
52
Ranking in other categories
Internet Security (2nd)
 

Mindshare comparison

As of April 2025, in the Secure Web Gateways (SWG) category, the mindshare of iboss is 2.0%, up from 1.7% compared to the previous year. The mindshare of Menlo Secure is 1.3%, up from 0.9% compared to the previous year. The mindshare of Zscaler Internet Access is 15.6%, down from 17.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Secure Web Gateways (SWG)
 

Featured Reviews

Matt Crockford - PeerSpot reviewer
It's easy to roll out, and their understanding of our business made it seamless
One aspect we value about iboss is its simplicity. Their customer service is brilliant, and they are super responsive and knowledgeable. It's easy to roll out, and their understanding of our business made it seamless. We were impressed by the solution's mental health function, which can detect if someone needs help. It scans what users are browsing and flags warning signs so we can check to see if they are okay. We've had to use it a couple of times. The user interface is highly intuitive. Our IT team picked it up with minimal training. It's arranged so that it's easy to find where things are. Another advantage is the single pane of glass console, which gives you visibility into what's happening. We're not fully there yet because we haven't implemented zero trust, but we're excited about the possibilities from the demos we've seen. We launched a POC of iboss' ChatGPT Risk Protection feature two weeks ago. AI is a great tool, but you need to be careful what you put into it. My biggest fear is employees inputting sensitive corporate information or customer PII data into one of these chatbots. I was impressed by our trial of the feature. It's exactly what we wanted. Now, when a user goes to ChatGPT, there's a banner warning them not to share information, and we can block conversations containing customer data like bank details and email addresses. I don't want to stop people from using it, but we need visibility. We've only tried it on a test group of 15 people. You can configure it to look for specific keywords or integrate it with your DLP policy if you have that configured
Olivier DALOY - PeerSpot reviewer
Secures users wherever they are and enable us to inspect SSL traffic, but we encountered too many issues
The solution should have no impact but it does have a bit of impact on end-users. For example, we encountered some issues in the downloads that took longer than they did without using Menlo. That is clearly not transparent for users. We expected not to have any latency when downloading anything from the internet with Menlo compared to without Menlo. We are now transitioning to another solution. The main reason for that is that managing all of the exceptions and troubleshooting all of the issues our users have had connecting to the internet has become too significant in terms of workload, compared to what we hope we will have with another solution. In other words, we hope to get the same level of protection, while reducing the number of visible bugs, issues, latencies, impacts on performance, et cetera, that we have today with Menlo. We already solved most of them, but we still have too many such instances of issues with Menlo, even though it is protecting us for sure. The weak point of the solution is that it has consumed far too much of my team's time, taking them away from operations and projects and design. It took far too much time to implement it and get rid of all of the live issues that we encountered when our users started using the solution. The good point is that I'm sure it is protecting us and it's probably protecting us more than any other solution, which is something I appreciate a lot as a CISO. But on the other hand, the number of issues reported by the users, and the amount of time that has been necessary for either my team or the infrastructure team to spend diagnosing, troubleshooting, and fixing the issues that we had with the solution was too much. And that doesn't include the need to still use our previous solution, Blue Coat, that we have kept active so that whatever is not compatible or doesn't work with Menlo, can be handled by that other solution. It is far too demanding in terms of effort and workload and even cost, at the end of the day. That is why we decided to transition to another solution. If we had known in the beginning that we would not be able to get rid of Blue Coat, we probably would not have chosen Menlo because we were planning to replace Blue Coat with something that was at least able to do the same and more. We discovered that it was able to do more but it was not able to replace it, which is an issue. It is not only a matter of cost but is also a matter of not being able to reduce the number of partners that you have to deal with. In addition, they could enhance the ability to troubleshoot. Whenever a connection going through Menlo fails for any reason, being able to troubleshoot what the configuration of Menlo should be to allow it through would help, as would knowing what level of additional risk we would be taking with that configuration.
ShanavasVK - PeerSpot reviewer
Helps maintain a consistent posture of internet security while getting rid of VPN and hovering into zero trust
There could be a better way for the tool to categorize the traffic. For example, the tool does exceptions and everything overall. If I want to give guest access or provide access to guest users or any other internet access and if it does not go through the SSL inspection because, in our company, we can't have the root certificate on a device that we don't manage, which can be called out as an exception or an exclusion, but that doesn't provide a proper reflection of the picture of what is happening in the environment. There are granularities bringing it down. The tool I used or still have is Zscaler Cloud Connector to protect the cloud environment, which can have a bit more user-friendly installation and setup, and it would help a lot. The deployment process of Zscaler Cloud Connector needs to be more user-friendly. Improvements are required in the exception category. For example, suppose I report on a monthly basis what the breaches and traffic violating the SSL inspection area are coming from. In that case, I may find that half of them may be coming through some guest network, meaning the tool doesn't differentiate between the guest or normal networks or the corporate networks. Having options to differentiate different networks would be ideal so that it can show a true picture of things to users, as half of the things in the tool are not in our control and are not of our concern.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The security aspect of the solution, particularly the malware behind it, is excellent. That's something that really helped us out. It's not just a simple proxy that just blocks the insights of potential threats that come on behind it. They do malware detection and that helps us a lot."
"It was a very easy product to install. It can be deployed very fast."
"The iboss system is highly reliable. The false positive rates are small compared to some other systems we've experienced through other partner agencies who use competing solutions."
"From a use-case scenario, what I like the most is the plug-in. I like the fact that we can do the filtering of these devices offsite independent of the network they are connected to, and we do not have to have traffic coming back inside our network."
"iboss has significantly lowered the number of security incidents. It is crazy how much it blocks and how much it is aware of the outside danger."
"Iboss is a solution that prevents advanced persistent threats, and has a zero tolerance for attacks."
"iboss is pretty scalable. They provide good support. The case managers you work with to coordinate what you need are pretty good."
"Valuable features: Within the filter: Controls (Web categories, applications, and Allow/Block list) and Network (local Subnets). Within the reporter: Logs (Event Log) and Reports."
"Accessing the internet with a proxy from anywhere is the most valuable feature. It ensures that users are only able to browse legitimate websites. If they happen to go to a legitimate website with a malicious payload, the isolation feature will take care of that."
"It has reduced security events to follow up on. While it is not 100%, there has been probably a 90% or more reduction. We were getting hit left, right, and center constantly from people browsing the Internet and hitting bad websites. It was not just bad websites that were stood up to be malicious, but good sites that were compromised."
"For us, the primary goal is protection on the web, and that's extremely important. We're not using any of the other services at this time. The web part is key to the success of the organization. It gives us the ability to protect. It can isolate. It opens the session in an isolated format so that the code isn't running locally. It is running over in the Menlo environment, not in ours. It is not running on the local computer, whereas if you were to go to a normal website, it would run Java or something else on the local machine and potentially execute the malicious code locally. So, it does give us that level of protection."
"The fact that it is a cloud proxy solution is another feature we like. For example, if you acquire a new company, you can use it to protect that new company without the need to install anything physically on their networks."
"Zscaler excels in security protection and the cloud is always up-to-date. It does not matter if you are a small or big organisation, you will receive the same security quality."
"The initial setup is very straightforward."
"Zscaler Web Security protects our users in remote locations from internet threats - even if they are not connected to our network."
"All internet access flows through the Zscaler proxy, regardless of whether people are in office or remote. I have greater control site access and I minimize the number of compromises that we experience to almost none."
"The policies are very intuitive and easy to configure, with very little possibility of messing things up."
"One on the main benefits is protection all time from anywhere."
"We enjoy all of the proxy capabilities and the capability to integrate into the SIEM/SOC solution."
"The solution has reduced cyberattacks."
 

Cons

"The reporting feature needs improvement. It doesn't give you the expected results. It is quite difficult to get the specific reports needed, and it is not as intuitive as the rest of the platform."
"Fold that in with the risk intelligence they're getting from all of the different subscriptions they are a part of. Now, these security companies subscribe to things like emerging threats, databases, etc. You can fold all this intelligence to decide what's happening on an endpoint. I would love to see them start moving into that space. That would compete directly with Microsoft. Maybe that's why they haven't. Having that ability native within the solution would be great. The other area in which I would love to see improvement is more detailed descriptions of why they block websites."
"File integrity monitoring would be very advantageous as an additional feature."
"SSL decryption: We had issues with learners using apps instead of using web browsers. This type of encryption is tough for any appliance in a BYOD environment."
"Our biggest problem with their service was it did not recognize the device and filtering did not always work correctly."
"The solution could be stronger on the integration side and offer more cloud applications like G Suite or Oracle."
"Its pricing could be better."
"I am currently doing a PoC of the zero trust aspect of it. Compared to other similar solutions, it is hard to get around each feature. It takes a while to get used to it."
"The user monitoring could still be improved."
"In the best of all worlds, we wouldn't have to make any exceptions. However, that is a big ask because a lot of that depends on how websites are constructed. For example, there are some very complex, application-oriented sites that we end up making exceptions for. It is really not that big an issue for us to make the exceptions. We feel like we are doing that without a huge impact on our security posture, but we do have to make some exceptions for complex sites, e.g., mostly SaaS-type sites and applications."
"We are now transitioning to another solution. The main reason for that is that managing all of the exceptions and troubleshooting all of the issues our users have had connecting to the internet has become too significant in terms of workload, compared to what we hope we will have with another solution."
"Currently, I don't have a good way to see which of my rules are being used in the access control lists. I have numerous entries, but are they all still needed? A report that would show me my list of who is allowed and whether we're actually using it would be useful because I can then go clean up my list. It would be easier to manage. We would eliminate the vulnerability of unused services."
"The solution's technical support needs to be improved, especially by offering a better support structure for different geographical areas."
"Cloud App’s database should be improved."
"Zscaler Internet Access needs to integrate more ISPs. It is good to have more than three ISPs."
"The deployment process of Zscaler Cloud Connector needs to be more user-friendly."
"The solution can be improved by advancing some of the newer technologies such as the DLP feature, and adding email security."
"There are some performance issues when we add on additional controls."
"There are many functionalities in Zscaler Internet Access that need improvements, such as an advanced firewall and logging capabilities to track calls."
"Do not expect to pay for the service and start using it, like Gmail. Zscaler requires a proper implementation to be done to make it successful."
 

Pricing and Cost Advice

"It is expensive compared to one of its competitors."
"The overall pricing for iboss is very competitive and transparent."
"It is probably in line with other solutions, but I do not deal with the financial side."
"We had the cost of purchasing a new appliance along with the implementation and licensing costs. However, the following year, the cost of just licensing was similar to what was paid the previous year for a new appliance along with the implementation and licensing costs."
"We have not priced the solution recently, but they were competitive with other vendors in the past."
"It is not expensive, and it is also not cheap. iboss is priced right in the sweet spot for the number of features it offers."
"The solution is expensive. It's more expensive than the solution I previously used. Compared with the other cloud-based solutions, it's very competitive."
"We save a ton of money and time. Previously, the numerous hits that we were receiving from our security tools, prior to implementing them, had to all be chased down, dispositioned, and endpoints had to be reimaged. It was just a ton of effort to do all that. That is where the savings from time and money come in."
"It is appropriately priced for what they're doing for us. Considering the protection provided, I feel their pricing is spot-on."
"Because it's a cloud solution, we pay on a yearly basis. It is affordable and includes tech support and all features."
"​Be aware that you will need to invest some time and money to adapt your environment for Zscaler (traffic redirection, software deployment, authentication, etc).​"
"We have found the solution to be expensive."
"If we need any extra features, the price will increase."
"The price is competitive. It's not cheap and it's not expensive."
"The price of Zscaler Internet Access should improve, it is expensive."
"Zscaler is an expensive solution, but it's worth the price. Their services are unmatched by competitors. Some may come with half the features that Zscaler can offer and be much cheaper. However, they do not have the global coverage that Zscaler has, and they will not provide the same low latencies and the same speeds that Zscaler can."
"It is a few pounds per user per month."
report
Use our free recommendation engine to learn which Secure Web Gateways (SWG) solutions are best for your needs.
845,406 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Financial Services Firm
12%
Manufacturing Company
9%
Government
6%
Computer Software Company
18%
Financial Services Firm
15%
Manufacturing Company
8%
University
7%
Educational Organization
24%
Computer Software Company
13%
Financial Services Firm
9%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about iboss?
Content filtering is the most useful feature of iboss.
What needs improvement with iboss?
I have the same complaint about them that I have about other software companies. Sometimes when you call in support, ...
What is your primary use case for iboss?
We are a PreK-12 public school district, and we use iboss to filter internet content for our students at home and sta...
Ask a question
Earn 20 points
Which is the better security solution - Cisco Umbrella or Zscaler?
Cisco Umbrella and Zscaler Internet Access are two broad-spectrum Internet security solutions that I have tried. Zs...
Which is better, Zscaler internet access or Netsckope CASB?
We researched Netskope but ultimately chose Zscaler. Netskope is a cloud access security broker that helps identify ...
 

Also Known As

iBoss Cloud Platform
Menlo Security Web Security, Menlo Web Security
ZIA
 

Overview

 

Sample Customers

More than 4,000 global enterprises trust the iboss Cloud Platform to support their modern workforces, including a large number of Fortune 50 companies.
Information Not Available
Ulster-Greene ARC, BanRegio, HDFC, Ralcorp Holdings Inc., British American Tobacco, Med America Billing Services Inc., Lanco Group, Aquafil, Telefonica, Swisscom, Brigade Group
Find out what your peers are saying about Menlo Secure vs. Zscaler Internet Access and other solutions. Updated: March 2025.
845,406 professionals have used our research since 2012.