What is our primary use case?
It's on the customers' premises. I've designed and supported several client projects and this is definitely for customers, for enterprise networks.
What is most valuable?
I've leveraged heavily the web proxy solution.
The secure web gateway, the web firewall is great.
CASB Enterprise DLP, the network DLP solution, is useful.
Most of the features that Zscaler has to offer, we will deploy.
We are functioning fairly well with Zscaler Internet Access. With regards to scale, with regards to performance, the end-user performance and resiliency are good.
The initial setup is easy.
What needs improvement?
I don't see any other improvements required with regards to the use cases that we have. I think they are good for now. I have no complaints.
It would be nice to have some sort of a form factor, a physical form factor perhaps, or virtual machine that you could install on devices or on a cloud, and have some cloud computing. That provides the segmentation capabilities within the environment itself, instead of going all the way to Zscaler cloud and then coming back and get all the inspection capabilities. That's definitely one thing that I would want Zscaler to explore. That would serve 100% of use cases that I look for as an architect.
For how long have I used the solution?
I've used the solution for four to four and a half years.
What do I think about the stability of the solution?
We never face any problems. Like most products, it does have its hiccups. Sometimes we face some performance issues, however, nothing critical. The problems are kind of the things that we usually face with most of the cloud-managed providers. Mostly, it's fine.
What do I think about the scalability of the solution?
The solution is absolutely scalable. Every single time we have a new footprint in a different geography, they are doing great, and I've never faced any challenges even in China, which is the bone of contention for most providers. They're certainly scalable. There are not any delays in regards to upscaling them. We are good there.
How are customer service and support?
We are leveraging professional services and advanced tech support. The response time is great - at least during business hours. During holidays, sometimes we do face some problems, however, that is acceptable and we tend to work during the standard market business hours. Any gaps in the support during off business hours, they're able to handle business outages or critical issues.
Which solution did I use previously and why did I switch?
I work on various firewalls, Palo Alto being the closest that I can think of with regards to having parallel features. I use it as kind of an in-series. It's not either/or. It's both of them. For all the traffic that is non-web or non-FTP, that's inspected by Palo Alto. The rest, everything else, goes by proxy.
If I'm looking for a cloud-managed service, a cloud-managed firewall, something like a McAfee solution, Palo Alto is the close competitor that I would rate with Zscaler. With regards to cloud web proxy, I don't see any other competitor which does better than Zscaler.
How was the initial setup?
The initial setup is fairly easy. We've never faced any problems there. We deployed it for both on-premises and a couple of our cloud infrastructure setups. It's a piece of cake.
We had to deploy the back files so we push backfiles to CCM and Intune. With regards to the agents, that was fairly seamless. We set up about 20,000 users and had them up and running within close to two weeks - three days for the actual implementation and deployment. It was fairly seamless.
What's my experience with pricing, setup cost, and licensing?
I haven't handled much of the procurement side of things. My understanding, however, is that it's fairly cost-effective. With regards to the kind of support that they offer, it's fairly justified. It's additive pricing. If you don't want to subscribe to a single service, you can, of course, skip it. It's fairly flexible.
What other advice do I have?
The use cases need to be fairly solid if you're looking for Zscaler. Zscaler doesn't do intra site segmentation, therefore, if you want a segmentation within a branch office, that kind of traffic flow, that is not well addressed. That said, that's due to the fact that Zscaler isn't targeting itself to address that kind of issue. That's where you require traditional or the NextGen firewalls on devices. With regards to the cloud-first model, of course, there is absolutely no gap with regards to Zscaler. It would largely depend on the use cases, the kind of business that you are deploying the solution for if this solution is right for you.
With regards to ease, with regards to scalability, with regards to performance and support, those are the kind of top features that I would always look at and I have had a great experience in general.
I'd rate the solution at a nine out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: partner