Zscaler Zero Trust Exchange Platform Reviews

This is the primary Private Access solution, the VPN solution.

Zscaler brought a new concept to the world or to the networks, basically introducing the zero-trust technologies of the product to bring in the buzzword about it and then make it a norm or create it as a norm. 

So, this is a product that can give you zero trust when it comes to the VPN solution compared to the legacy VPN. So, it has become a mandate to manage.

Zscaler Private Access does not currently offer the ability to assign static IP addresses, which are necessary for supporting telephony or backend communication. 

While Zscaler supports client-initiated connections, it does not support server-initiated connections. This is a feature that Zscaler may consider adding in the future.

I have been using this solution for a year. 

It is a stable solution.

It is a scalable solution. We have around 5,000 end users using this solution.

The customer service and support are okay. I am not a fan of the service. 

The response time is long, and the willingness is lacking. They are not eager to support.

Neutral

My company used Pulse Secure and SonicWall.

With the zero-trust concept coming in across the secure, we wanted to try out Zscaler and see whether it worked well for our organization. So that's the reason we switched to Zscaler. 

The initial setup was easy. 

With the VPN solutions that sort of pretty much expensive.

I would recommend using the solution. I would rate it around eight out of ten because it is a good product. I don't have any major concerns as such. 

The competition is not up to the level; Netskope is doing well. Palo Alto and other products have just launched their products within the previous two or three quarters, and the market is yet to try their tech work, but Zscaler is a tested product, and it is doing good.

I use Zscaler Cloud DLP since my company's clients use Zscaler Cloud Proxy in their environments. I deal with Zscaler Cloud DLP since it meets the requirements of my company's clients and helps to manage data breaches. In general, my company takes care of the configuration part of Zscaler Cloud DLP and provides it to our company's clients as a service.

With Zscaler Cloud DLP, my company benefits from the granular control it provides us. My company provides Zscaler Cloud DLP to our clients as per their requirements, and moreover, we can filter out and deny or allow providing the features related to DLP for a specific user or a location. Basically, Zscaler Cloud DLP provides general control to a person over which files a person wants to allow or deny for a specific user or location. Zscaler Cloud DLP is very easy to configure. With just a few clicks, one can easily take care of the configuration part related to the product.

As of now, no improvements are required in the solution. Though not an improvement from a product perspective, there is no documentation related to Zscaler Cloud DLP on the internet. You won't find anything that can help you with the configuration part and other areas related to the product if you search for proper or exact details of Zscaler Cloud DLP online in very easy language. In short, you can't find any documentation about the product which is exactly arranged in a proper manner. Availability of knowledge related to the product is not there in the public domain.

I have been using Zscaler Cloud DLP for more than three years. My company has a partnership with Zscaler, so we provide solutions from Zscaler to our clients.

Stability-wise, I rate the solution a nine out of ten. I did not have any issues related to the product. For some of the tag-related cases opened with the support team, no proper support was available.

It is a very scalable solution. Scalability-wise, I rate the solution a ten out of ten.

I work in a large organization, so I think more than 1,000 users use Zscaler Cloud DLP.

The solution's technical support is easy for my company to reach out to, and they are also very supportive. I rate the technical support a ten out of ten.

Positive

I have experience with Palo Alto Networks Firewall.

The product's initial setup is easy.

The solution can be deployed in ten to twenty minutes.

The solution is deployed on a private cloud.

Zscaler Cloud DLP offers cutting-edge technology and is easy to configure and use. People should opt for Zscaler Cloud DLP if they have the opportunity.

Considering that there is always some room for improvement, I rate the overall tool a nine out of ten.

I use Zscaler Cloud DLP to protect sensitive data. It works by checking the content I'm trying to send or use on websites. If it sees any personal data or if someone tries to copy-paste it, it stops them. It can even notice when I use certain commands like "put," making sure my data stays safe. It watches what I'm doing online to keep my data secure.
Zscaler Cloud DLP integrates with Microsoft Defender to improve its abilities. This integration allows Zscaler to access data from Microsoft Defender, helping it track timestamps and offer strong protection for DLP events. This partnership between Zscaler and Microsoft Defender is a valuable addition that boosts DLP measures and enhances data protection.

The most valuable aspect of Zscaler Cloud DLP is its automatic DLP feature. Additionally, it also offers firewall capabilities. In terms of its firewall features, it provides a range of security measures to protect network traffic, but specific details about these firewall features would depend on the version and configuration of Zscaler Cloud DLP being used.

Zscaler Cloud DLP needs to improve its compatibility with other security tools. Right now, it mainly works well with Microsoft Defender but lacks support for many other antivirus and performance management solutions. Also, it takes a long time to add new features based on customer feedback. This limited compatibility could be a problem for organizations using various antivirus software.

I have been using Zscaler Cloud DLP for three years.

Zscaler is highly stable because it operates from multiple data centers around the globe. If there is any issue or even a brief downtime in one data center, they swiftly switch to a nearby one to ensure uninterrupted service. So, you won't experience any significant downtime, typically not more than a second or two. Even services like Office 365 have very limited downtime when used with Zscaler.

Zscaler is scalable and depends on the number of user licenses you have. You integrate it with your systems, like Azure Active Directory, and ensure GDPR compliance. More than 5,000 people use Zscaler at my company.

Zscaler provides excellent technical support in India and worldwide. Their support team is quick to respond and readily available to assist with any issues or inquiries.

I have previously used Purview DLP. It can inspect files and sensitive information you send in those files. However, it may not detect when you copy-paste sensitive data into a web page's open field. This is a second level of security, a different kind of data protection, which may not catch such actions. But it can still detect sensitive information if you copy-paste it into a communication or document. It is a good product but I prefer Zscaler.

Setting up Zscaler Cloud DLP is relatively straightforward. It can easily classify data, like U.S. Social Security numbers. It provides a data discovery dashboard where you can monitor what data users are trying to share or copy from websites. It checks files and data insights to ensure nothing sensitive is being shared improperly, and it alerts you if there is a problem.

Zscaler's licensing is based on the number of users, and it is flexible. Instead of counting all 5,000 employees, they consider concurrent users, which can be more cost-effective. It might be a bit pricier than some other products, but it's a good solution, and many companies use it.

I would definitely recommend Zscaler Cloud DLP to others. Overall, I would rate the product a nine out of ten.

Most people use Zscaler SASE as a replacement for VPNs. You know, with a VPN, once you establish connectivity to the network, you have unrestricted access. But with Zscaler SASE, you have strict access control. You don't get any access unless you adhere to the policies set in Zscaler. 

So, you can control who has access to specific applications at a URL level rather than granting access at the physical IP level. That's what most people appreciate about it. IPs provide access to everything on the machine, whereas Zscaler SASE provides access to specific services within the network. 

The most valuable feature is its ability to establish connectivity for remote users and remote endpoints. It offers a high level of granularity compared to typical VPNs, which also encapsulate a lot of I/O. By using Zscaler SASE for home access or access in remote areas, it bypasses the issues introduced by ISPs. 

Sometimes ISPs block certain protocols or applications, but when everything is encapsulated within the Zscaler Cloud, the ISPs don't get a chance to interfere or block. This is especially helpful when it comes to file sharing. Sometimes ISPs block it, so we can't share files using cloud services remotely. Zscaler SASE gives non on-premise users the ability to securely access and sync with on-premise resources.

The area that requires improvement is their support. The current support is lacking. 

Other than that, once you have the right people on the phone, the product performs as advertised. However, multiple clients have complained about the support. 

I have been working with Zscaler SASE for two years. 

When it comes to stability, it's similar to any outsourced service. There will always be some outages because of the global nature of the network and the involvement of various cloud providers. There are many moving parts. I don't anticipate more frequent outages, but it's important to acknowledge that Zscaler is not flawless.

I haven't encountered any clients who have had problems with scalability or performance issues. There were a couple of outages less than six months ago, but that's to be expected. Every service experiences occasional outages. It's like having allergies; every product at a global scale will have such issues. 

I have heard a lot of complaints from my clients about the support. Even VMware's support has declined since it got acquired by Broadcom. 

So, we're not receiving the kind of support we used to get, like from Cisco. It's more akin to Microsoft and internal support.

Neutral

The initial setup does take some time to get used to. Zscaler does a good job with its specialized services in setting up and installing the product. 

Once you start using the product, any issues that arise are generally handled well. The support is not as terrible as it may seem at first. While there may be instances where one technician transfers the case to another technician, it doesn't mean starting the entire process from scratch.

However, most people are deploying it on AWS or Azure. I have some clients who still prefer on-premises deployment. It depends on their specific requirements.

The pricing is quite high, especially when it comes to the gateway. It costs around $10,000 per gateway per data center, which can be seen as ridiculous. Other cloud-based solutions charge based on the number of clients without the need for a gateway for each data center. 

This pricing approach doesn't sit well with my clients anymore. When Zscaler SASE had a monopoly in the market, it could get away with it, but now there are alternatives cutting into its market share.

I would rate Zscaler's pricing model as an eight out of ten, with one being cheap and ten being expensive. 

There are other solutions like VMware that also have high costs, but Zscaler SASE stands out because of the expensive gateway for each data center. It's not a cheap implementation. 

Every time you set up an Azure data center, you have to spend another $10,000 to $15,000 on a gateway. It adds up quickly. Creating a VPN between data centers might be an alternative, but it introduces a single point of failure. So, that pricing policy alone makes it very expensive.

It's a great product. My advice for those considering using it is to understand the concept of zero access. It's different from just having VPN access. If someone can perform a DNS lookup, they still have access. 

People are often stuck in a VPN-centric mindset. It requires a paradigm shift, similar to transitioning from traditional applications to Microsoft applications. Instead of focusing on what services the user needs, it's about restricting access to specific applications regardless of the user. Once you embrace this mindset, it becomes easier to navigate. It's not a major impact, but it does require a change in thinking.

Overall, I would rate this product an eight out of ten, with the exception of pricing and support issues. It is one of the better implementations available, surpassing Cloudflare's capabilities. However, there are still areas for improvement, particularly in terms of pricing and support.

We use the solution to build zero-trust networks. We use it to block everything except the trusted URLs. We get a bunch of URLs from the customers, whitelist them in the solution, and everything else is blocked automatically.

An URL must be whitelisted for users to access it. When a customer tells us they need a particular URL, we analyze it and send it for approval. Once it is approved, we whitelist the URL for the user. The solution is useful for zero-trust and DLP.

The UI is easy to use. All the options are accessible.

The product has limited features. We only have the option to monitor URLs and HTTPS logs. The tool must provide IP-blocking features.

I have been using the solution for more than three years.

The tool is stable. For the past three years, I haven't seen it break down. I rate the stability a ten out of ten.

I rate the tool’s scalability a seven out of ten. When we search for logs, it doesn’t take much time. It’s quite fast, even if we have a lot of logs. We use more than 1000 URLs in a day. Getting the logs in real-time is quite important. Four of our customers are using the solution. We have 30,000 to 40,000 users.

I have used Symantec DLP.

The engineering team sets up the tool. We use the tool to analyze user behavior during incidents. We can see whether URLs accessed by the users were approved by the organization.

The product is a bit expensive.

We take support from Zscaler and provide the service to our clients. We are partners. People who want to use the product must explore the options. We can do multiple things for a single URL. We can restrict URLs to only access the GET request or POST request. We can do HTTP control and SSL inspection. We can also access the threat intel. We can look up a URL and get the details in real-time. Overall, I rate the tool an eight out of ten.

We use Zscaler CASB for DLP and shadow IT.

The most valuable features of Zscaler CASB are API integration and DLP.

Zscaler CASB should include integrations with other SaaS applications.

We just bought Zscaler CASB a week ago.

I rate Zscaler CASB a nine out of ten for stability.

Zscaler CASB has good scalability. I rate Zscaler CASB a seven out of ten for scalability.

The solution's technical support provides a late response; otherwise, it's fine.

Neutral

I have previously worked with McAfee. Compared to Zscaler CASB, McAfee needs to upgrade a lot of things. We chose Zscaler CASB because of more applications and information that we could get to do some fine-tuning on the policies.

The solution's initial setup is supposed to be fairly easy since it's an API.

We haven't yet started to deploy the solution. We will seek the help of professional services to deploy Zscaler CASB.

Zscaler CASB is an expensive solution. On a scale from one to ten, where one is less expensive and ten is more expensive, I rate Zscaler CASB's pricing a seven out of ten.

I recommend users consider the cost and benefit, integration, and supported applications before choosing Zscaler CASB.

Overall, I rate Zscaler CASB a seven out of ten.

We can use Zscaler Private Access as a recipient for external communication. Zscaler Private Access can help users sitting in our organization domain and trying to access their own internal company sources. The traffic is forwarded to us through the Zscaler Private Access node, which we can have in our own infrastructure, or it can be hosted on the Zscaler private cloud.

We are using Zscaler Private Access to build our own Zscaler private node. Although this node is maintained and managed by Zscaler, it resides in our own data center or domain. So the traffic forwarded from the user system towards any internal resource will go through this private node.

Zscaler Private Access is a platform that eliminates the complexity of VPN configuration. Zscaler Private Access is easy to configure and manage and takes less time to configure. We can manage our own application or secure our application and our own internal traffic. We can create a security node in our own infrastructure.

We are getting some issues with internet access. Authenticating or onboarding something on Zscaler Private Access manually is a troublesome task. Users report application access or latency issues with Zscaler Private Access.

I have been using Zscaler Private Access for the last two and a half years.

I rate Zscaler Private Access eight and a half out of ten for stability.

I rate Zscaler Private Access an eight out of ten for scalability.

Zscaler Private Access' initial setup is not as easy as ZIA, but it's okay compared to other platforms.

Zscaler Private Access will ease your task, equal to a VPN. Lots of companies are using their own VPN access.

Overall, I rate Zscaler Private Access an eight out of ten.

We manage multiple customers using ZIA and ZPA to access internal resources and secure their own web applications. It acts like a VPN access connectivity, and ZIA is used as an internet gateway for users.

Sandboxing, DLP, and SSL inspection engine are the most valuable features of Zscaler SASE. Zscaler SASE is an easy-to-use tool that manages the cloud security architecture.

Currently, we are using APIs, and we need some enhancement on the script running with the Zscaler SASE cloud API. Also, it would be better if we could integrate with other vendors. We often face performance and latency issues with Zscaler SASE.

I have been using Zscaler SASE for the last four years.

I rate Zscaler SASE a seven and a half out of ten for stability. We face performance issues if there is any anomaly on the nodes bonded with our architecture from some location. We also face some routing and latency issues on Zscaler SASE that need to be rectified. In addition, there are no dedicated Zscaler nodes in countries like China and Dubai.

I rate Zscaler SASE a six out of ten for scalability.

Zscaler SASE's deployment time depends upon your design, architecture, and infrastructure size. If you have a small network of offices, the deployment will take at least three to four days. But if you have a larger architecture, deployment time will depend upon your planning, staging, and implementation.

With Zscaler SASE, we can manage multiple features in a single platform. We can manage all allocations that we have in our architecture on a single platform. This reduces the operation cost and takes fewer resources to deploy because we have APIs in Zscaler SASE. API would be the simplest way to configure anything across our sites if we have a larger retail architecture.

ZPA is configured on our architecture, but ZIA's traffic goes to the Zscaler-hosted cloud.

Overall, I rate Zscaler SASE an eight out of ten.