My primary use case for Zscaler Private Access (ZPA) is VPN replacement and zero trust access. I use Zscaler Private Access (ZPA) to give authorized users policy-based one-to-one connectivity to specific internal applications in our data center or cloud environments. I also use Zscaler Private Access (ZPA) to secure our hybrid cloud environment. For instance, when a developer needs to access a private staging server used in AWS, they connect directly through the closest Zscaler service edge. This makes the application invisible to the private internet, ensuring only the specialist can reach it.

Zscaler Private Access (ZPA) has significantly reduced our attack surface by making our internal apps invisible to the internet. It effectively eliminates lateral movement as users are only connected to the specific application they are authorized to use rather than the entire network segment.

Zscaler Private Access (ZPA) is highly stable. The architecture uses a global mesh of service edges with built-in fault tolerance and redundancy, providing an always-on experience that is far more reliable than our old hardware-based VPN concentrator.

Zscaler Private Access (ZPA) is elastically scalable because it is a software-defined perimeter and not an appliance-based solution. I can instantly scale to support thousands of additional users without needing to upgrade any physical hardware.

The best features are the AI-powered app segmentation that automatically discovers our applications. This saves a massive amount of manual configuration time and helps me build granular access policies much faster.

The app segmentation feature helps my team improve employee experience while giving our IT team peace of mind. It is truly a productivity tool that removes the clunkiness of a VPN. The initial discovery of legacy applications during setup can sometimes take more time to fine-tune, which is the only minor limitation.

Zscaler Private Access (ZPA) could be improved by making troubleshooting for specific mobile devices such as iPhones more intuitive, as identifying the root cause for mobile connectivity issues can sometimes be complex. The major improvement opportunity I would highlight is the troubleshooting functionality for mobile devices.

I have been using Zscaler Private Access (ZPA) for about three years to provide our distributed workforce with secure, seamless access to our internal applications.

Zscaler Private Access (ZPA) is highly stable. The architecture uses a global mesh of service edges with built-in fault tolerance and redundancy, providing an always-on experience that is far more reliable than our old hardware-based VPN concentrator.

Zscaler Private Access (ZPA) is elastically scalable because it is a software-defined perimeter and not an appliance-based solution. I can instantly scale to support thousands of additional users without needing to upgrade any physical hardware.

The customer support team is very knowledgeable about the ZTNA architecture and Zscaler Trust Portal provides excellent transparency into the health of the global cloud infrastructure.

I previously used a traditional legacy VPN. I switched because the VPN was too slow and hard to manage at scale, and it created a major security risk by putting users directly on the network.

Zscaler Private Access (ZPA) is an incredible enabler for modern hybrid work. The initial discovery of legacy applications during setup can sometimes take more time to fine-tune.

I have seen a significant return on investment since implementing Zscaler Private Access (ZPA). The ROI is often cited around 289% over the three years of typical enterprises. The key metrics include a 55% reduction in security breach risk and roughly 1.75 million in annual savings on infrastructure and legacy VPN licensing costs.

Zscaler Private Access (ZPA) is priced on a per-user, per-year basis. While it is a premium investment, the short payback period of about 11 months and consolidation of multiple point products make it very cost-effective in the long run.

I evaluated Cisco AnyConnect, Palo Alto, and Twingate. I finally chose Zscaler Private Access (ZPA) because it is the most deployed solution and offers the most mature AI-powered application segmentation.

Zscaler Private Access (ZPA) is a cloud-native service hosted on Zscaler's global cloud platform, which has over 150 points of presence. I use lightweight app connectors hosted in our own private data centers and public cloud like AWS or Azure to create secure inside-out connections to our applications. I use majorly the AWS one.

I purchased Zscaler Private Access (ZPA) through the AWS Marketplace, which allows me to simplify procurement, consolidate billing, and apply my Zscaler spend towards existing cloud commitments.

I would advise those looking into Zscaler Private Access (ZPA) to use the AI-powered app segmentation to automatically discover your applications. This feature saves a massive amount of manual configuration time and helps build granular access policies much faster.

My company relies on Zscaler Private Access (ZPA)'s cloud-native architecture to protect our private applications and sensitive data.

I give Zscaler Private Access (ZPA) a rating of 9 out of 10.

Zscaler Private Access (ZPA) is a Zero Trust Network Access solution. When replacing traditional remote access VPN technology, which is not aligned with NIST 800-207 Zero Trust principles, Zscaler Private Access (ZPA) is the solution. It serves enterprises that prefer not to manage the underlay by installing a client connector agent on end-user machines. It provides access to private applications and SaaS applications remotely when users are traveling while building secure connectivity and ensuring least privilege access to these applications rather than everything within the perimeter.

The base bundle of Zscaler Private Access (ZPA) comes with essential features that depend on client requirements. For secure private access, configuration of client connectors and app connectors on-premises or in the cloud is necessary. Additional features include remote browser isolation capability and secure browser access, which can replace existing Privileged Access Management solutions. DLP capabilities and double encryption ensure the underlying provider cannot strip packets and examine contents.

I would assess the security level achieved with Zscaler Private Access (ZPA)'s Zero Trust architecture as inherent to the system. The security policies focus on users and applications rather than network-based constructs. It offers configuration levers for ingesting risk from identity and application standpoints, generating a cumulative score that can trigger connection drops when breaching thresholds. These features align with NIST 800-207 principles. The Risk360 view helps assess security policies and rule sets, providing recommendations for policy tightening.

Zscaler Private Access (ZPA) can be improved by expanding integrations. While they integrate with standard vendors such as CrowdStrike, deeper integrations with other vendors are needed. They should harmonize risk scores between different vendors, as each might score things differently, requiring a robust handshake for meaningful integration.

There is room for having a complete on-premises option. While Zscaler Private Access (ZPA) wants users to utilize their infrastructure for scale benefits, regulated environments such as government and investment banks need on-premises processing for regulations and low latency requirements. High-frequency trading firms require processing traffic internally rather than through internet channels.

In the future, I expect expansion of integrations because architects need flexibility in vendor selection based on use cases. The solution needs better handshake capabilities between vendors for risk scores and other metrics. Support-wise, they have a strong presence globally, including challenging markets such as China, though very remote offshore areas remain uncovered.

I have worked with Akamai since 2019, when I first gained exposure to it.

I have worked with Zscaler Private Access (ZPA) and Palo Alto as an enterprise security architect across multiple client engagements as part of network security implementations. I have also worked with competitors including Cloudflare. As we were partners, we received preferential access to support. I rate this solution 9 out of 10.

We are using secure remote access for internal applications, and that's why we are using Zscaler Private Access (ZPA) now. I work with Zscaler Private Access (ZPA). I use it just for the VPN functionality.

The best advantage of the product is that it is always on as a VPN, which gives us much more functionality. It is basically easy to use and easy to configure. The solution for Zscaler Private Access (ZPA) is seamless for this.

From a visibility perspective, they have added more content features where we can see security and other aspects through available dashboards. That's the only notable addition, plus they are implementing the overall security architecture of tenants, which gives much more information to work with.

The only room for improvement is the troubleshooting problem with iPhones as of now.

The review should be anonymous; there should not be any personal or business details given. Both should be anonymous.

I have been using it for around four or five years.

The installation and deployments are straightforward; it is just a two-liner process. There is something in the documentation that might need changes, but it's pretty straightforward.

The documentation has to be perfect as it has not been updated for a long time. They need to update it based on the latest version and the commands we use.

The solution is stable enough.

We are using cloud services, but I am not sure about the scalability specifically.

Based on the limited users, this is perfectly fine since we are using only one box, and we haven't faced many issues with that.

I am not happy with the technical support from Zscaler Private Access (ZPA), particularly in India, where reachability is an issue with salespersons. Sometimes we need to reach a salesperson to get issues resolved, especially for mobile problems we're still facing. We lack specific root causes, and it's tough to relay information to users, considering multiple contributors such as phone numbers and internet service providers. We need more visibility on what problems users are facing with reachability.

I would rate technical support six points out of ten.

I have not used any other VPNs apart from Zscaler Private Access (ZPA).

I see some ROI in the product. Since we have a very small team, the ROI is around 20% to 30%. I would say 30%.

I am not using AWS Backup anymore since we spoke almost two years ago. I have a backup solution managed by another team, and there's a discussion about AWS for backup. I am responsible for the IT security part only.

I do not work with popular vendors such as Palo Alto or Fortinet, as my primary domain is Check Point, and it's all about security. I use Check Point for this purpose. I do not work with the product ZoneAlarm. We use only a specific firewall from Check Point and utilize only the firewall. We are not using Check Point CloudGuard Web Application Firewall; we are using a normal firewall, the Firewall as a gateway. The name of the product is Check Point Firewall Gateway.

I am not using a web gateway. We do not use products such as Harmony or Harmony Browse. I am using a VPN from Cisco for endpoint protection. I am not using the cloud firewall from Zscaler Private Access (ZPA). I am not working with Zscaler B2B or ZTNA as a service.

From a troubleshooting perspective, we face an issue with iPhones affecting about 10% of users. Even when we provide logs, they are not able to figure out what exactly is happening. It's not possible for users to collect logs each time, and this is a peculiar problem happening with 10 to 15 users.

The operational flexibility is very effective; there are no problems, and I did not have any issues with that. The solution is affordable, but there are other parts that could add much more information, which may not be useful for us at the moment, making it a bit expensive. There is also a China-specific solution, which is really expensive.

I agree to share my details with the Zscaler vendor. I do not want to be a reference for Zscaler Private Access (ZPA).

On a scale of 1-10, I rate this solution a 9.

I worked with these organizations for implementing Secure Service Edge and SASE solutions, including Cloud Access Security Brokers, such as Netskope and Zscaler.

Zscaler and Netskope are the main solutions I work with for various use cases.

Based on my experience, I have worked at the enterprise level only, for large companies such as banks and financial institutions that are transitioning from traditional solutions to new secure service edge solutions.

Zscaler has three components. Specifically, Zscaler Internet Access for secure web access, Zscaler Private Access (ZPA) that is a replacement of traditional VPN solution for securely accessing internal private applications without giving access to the whole network. It works by giving access to the particular application the user wants to access, and it checks numerous factors before granting access to the particular application, including posture checks, authentication, and authorization. Zscaler Digital Experience is a monitoring tool that monitors all application performance, network performance, and more. It helps us troubleshoot issues in a very short time.

When discussing Zscaler Private Access (ZPA) mainly, it is very helpful as a replacement for traditional VPN. In traditional VPN, we used to give access to the whole network, which increased attack vectors. Zscaler Private Access (ZPA) is more secure than these particular VPN solutions. We have implemented this solution for enhanced security. As a cybersecurity professional, I approach these answers from a security perspective.

Micro-segmentation, authentication, and authorization are key features in Zscaler Private Access (ZPA). We can implement role-based access and limit user access by creating different groups. For example, if the HR department needs access to only HR applications, we can create specific groups with appropriate access levels. This segregates access and makes it more secure. They also provide features such as browser isolation, which creates a separate browser when users are accessing content, thus creating an isolated environment to prevent attacks.

They provide integrations with various other security tools. The solution utilizes AI capabilities for various detections and responses. The solution has inbuilt AI for all detection capabilities.

Sometimes the team takes more time to provide responses on certain issues, which is why I do not rate it a perfect 10 out of 10.

Overall, with Zscaler, I have worked for around five years, and particularly with Zscaler Private Access (ZPA), I have three years of experience.

The deployment took approximately six months.

Sometimes connection errors occur when users are unable to connect to the particular cloud.

These connection errors started occurring post rollout, not just during the implementation.

For small and medium enterprises, it will be too expensive.

I have worked with the Zscaler technical team.

I would rate them around eight as they were pretty good.

The traditional solutions were still in use when we migrated to the current solutions. The migration process required extensive documentation and multiple testing phases.

Prices for Zscaler Private Access (ZPA) are higher than traditional solutions, but it provides enhanced security.

Product-wise, I would give Zscaler Private Access (ZPA) a seven. The overall rating for the solution is eight out of ten.

I am helping a customer to evaluate Palo Alto IoT Security and Cloudflare solutions. Additionally, I am a partner with Zscaler and work with Zscaler Private Access (ZPA) for secure access to private networks and VPN replacement.

Zscaler Private Access (ZPA) is the most mature compared to other vendors in terms of features and stability. It has been in the market for a while, resulting in more features compared to other vendors. It effectively provides security and zero trust network access.

The price is a concern as it increases every year and becomes more expensive, driving customers and other vendors to look for alternatives.

I have been dealing with Zscaler Private Access (ZPA) for more than five years.

The initial setup is easy, but the production implementation can be complex.

Zscaler Private Access (ZPA) is stable and one of its advantages.

Scalability is good with Zscaler Private Access (ZPA).

The level of support used to be good but is now decreasing. It is not improving. I would rate support around four out of ten points.

The initial setup is easy.

Pricing is a concern as it increases every year, making the solution more expensive for customers.

The comparison involves Palo Alto IoT Security, Cloudflare, and Zscaler Private Access (ZPA). Network security solutions like zero trust options such as Zscaler and Cloudflare are considered.

In terms of product, I rate Zscaler Private Access (ZPA) eight to nine out of ten.

The main use case is to access the local network or the customer network, the servers, and applications. This is the primary use case for Zscaler Private Access (ZPA) as we use it. Additionally, we use it to access cloud resources such as Microsoft Azure, as it's the easiest and most secure way to access these servers.

Zscaler Private Access (ZPA) is much more secure than VPN because users are only allowed to access specific applications rather than the whole network. The seamless operation ensures users don't experience any issues or the need to sign in separately. It's very comfortable to use, especially with remote work, as there is no difference whether users are in the office or working from home.

The rollout process could be much easier, and the configuration of identity providers like Azure is more complicated than with other zero trust network providers. This can be a pain point. Additionally, the software rollout process needs improvement as it requires knowledge of Linux command lines.

We have been working with ZPA for about four to five years.

Zscaler Private Access (ZPA) is highly stable, and I rate it ten out of ten.

I rate the scalability of ZPA as ten out of ten because it's a cloud service and can scale as needed.

The technical support for ZPA is excellent, rated ten out of ten. We have a perfect support system, and they are always helpful.

We started using ZPA because it was the leading solution on the market, although we reviewed other options.

The initial setup is rated as three out of ten because it involves Linux and command lines, making it relatively difficult.

One person is usually enough for deployment, depending on the time slot available. We conduct onboarding workshops to define use cases and server access needs.

The pricing of ZPA is rated five out of ten, which I consider to be in the middle. I believe it is justified for the capabilities provided.

We reviewed other solutions, but Zscaler offered much more features and configuration options tailored to customer needs.

ZPA is rated eight out of ten due to deployment complexity, but it's a very good solution overall.

We currently have two specific use cases for Zscaler Private Access (ZPA). Firstly, we use Azure Virtual Desktops (AVD), and the ZPA proxy facilitates user access to the internet. Secondly, we replaced our BlueCoat proxies with the ZPA solution in our server environment, directing their internet traffic through it.

The simplicity and logical structure of Zscaler make it easy to use and administer. It allows grouping, enabling en masse access conveniently. Unlike the BlueCoat proxy, which was more prescriptive and individual-focused, Zscaler offers group access. Additionally, Zscaler's modern tools enhance the network architecture by passing everything through a central core of security, ensuring everything is secure before accessing the internet.

Zscaler restricts customization, allowing a maximum of 256 customizable rules. This limitation is a drawback, as there are times when more customization is needed.

I have been using Zscaler ZPA for a couple of years.

The deployment took about three months, which was partly due to our slow work process and coordination with a third party. While Zscaler was not solely responsible for this duration, there were times when the documentation was insufficient, requiring us to react and fix issues.

There have been no stability issues since we cut over in mid-December. The solution is resilient, and we have not encountered any problems.

Scalability is not a problem at all. It works well and fits everything we need, earning a score of ten.

Zscaler’s customer service is quite good. They were available whenever needed and maintained regular contact with us. Even though achieving perfection is difficult, their support is commendable.

We previously used various Broadcom products, including BlueCoat proxies and Symantec EDR capabilities, for the last five years. However, we switched to different vendors and moved our endpoint protection to Microsoft Defender and proxy solution to Zscaler due to the older, clunky nature of the previous solutions.

The initial setup was fairly simple, with a rating of seven or eight. However, not all explanations were clear, and the documentation sometimes lacked detail, causing us to pivot around certain issues.

Our backend team of three or four people works intricately with the solution. The implementation involved our team and some third-party involvement, which contributed to the deployment duration.

It’s difficult to gauge the ROI accurately due to transitioning from a large, all-encompassing contract with Broadcom. While the Zscaler deployment saved us from renewing an expensive Broadcom contract, isolating the financial impact specifically on Zscaler is challenging.

The pricing is reasonable, falling at around a three or four. The costs for licensing were minimal relative to other solutions.

I can only compare Zscaler with Broadcom solutions. We faced issues with Broadcom's WSS, and while BlueCoat was effective, it was an older, more prescriptive solution. The modern, SaaS nature of Zscaler offers a better alternative.

I recommend ZPA to other users for its ease of use and support. However, the universal external IPs from Zscaler can be a pain because traffic could emerge from any of over 700 IPs, requiring ZPA or additional infrastructure to manage. I rate the overall solution a 9 out of 10.

We do not manage the vendor machines. We provide them with a passwordless solution. Multiple tenants are enabled on the vendor's machines from their organizations. Accordingly, they connect to both Zscaler and their own environment. We provide limited access to servers and use privileged remote access or browser access when needed.

Zscaler Private Access helps by resolving network choke issues, allowing application access from public networks without needing to integrate with internal networks. We provide browser and privileged remote access for vendors without managing their machines. The deployment of app connectors through MLA eliminates duplicate rules and policies.

One area for improvement is setting posture profiles for vendor machines. It's not yet enabled by Zscaler, however, it is in the pipeline.

I have been working with Zscaler Private Access for more than six or seven years.

Due to posture setting issues, I rate the stability as eight out of ten.

Scalability is ten out of ten as it's effective and expansive.

Customer service and support are rated seven or eight out of ten, needing improvement in quality and response time.

The setup process is simple if approached appropriately. It involves understanding use cases, reviewing customer feedback, and planning project execution geolocation-wise.

Although the solution is costly, its features justify the price for securing the organization from various access types. Competitors with lower pricing exist.

Netskope is a competitor product to Zscaler.

Overall, I rate Zscaler Private Access as nine out of ten.

The solution is more suitable for enterprise-level companies because of its cost.