My primary use case for Zscaler Private Access (ZPA) is VPN replacement and zero trust access. I use Zscaler Private Access (ZPA) to give authorized users policy-based one-to-one connectivity to specific internal applications in our data center or cloud environments. I also use Zscaler Private Access (ZPA) to secure our hybrid cloud environment. For instance, when a developer needs to access a private staging server used in AWS, they connect directly through the closest Zscaler service edge. This makes the application invisible to the private internet, ensuring only the specialist can reach it.
Zscaler Private Access (ZPA)
Zscaler, Inc.External reviews
135 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Zero trust access has secured hybrid work and now provides seamless app connectivity
What is our primary use case?
How has it helped my organization?
Zscaler Private Access (ZPA) has significantly reduced our attack surface by making our internal apps invisible to the internet. It effectively eliminates lateral movement as users are only connected to the specific application they are authorized to use rather than the entire network segment.
Zscaler Private Access (ZPA) is highly stable. The architecture uses a global mesh of service edges with built-in fault tolerance and redundancy, providing an always-on experience that is far more reliable than our old hardware-based VPN concentrator.
Zscaler Private Access (ZPA) is elastically scalable because it is a software-defined perimeter and not an appliance-based solution. I can instantly scale to support thousands of additional users without needing to upgrade any physical hardware.
What is most valuable?
The best features are the AI-powered app segmentation that automatically discovers our applications. This saves a massive amount of manual configuration time and helps me build granular access policies much faster.
The app segmentation feature helps my team improve employee experience while giving our IT team peace of mind. It is truly a productivity tool that removes the clunkiness of a VPN. The initial discovery of legacy applications during setup can sometimes take more time to fine-tune, which is the only minor limitation.
What needs improvement?
Zscaler Private Access (ZPA) could be improved by making troubleshooting for specific mobile devices such as iPhones more intuitive, as identifying the root cause for mobile connectivity issues can sometimes be complex. The major improvement opportunity I would highlight is the troubleshooting functionality for mobile devices.
For how long have I used the solution?
I have been using Zscaler Private Access (ZPA) for about three years to provide our distributed workforce with secure, seamless access to our internal applications.
What do I think about the stability of the solution?
Zscaler Private Access (ZPA) is highly stable. The architecture uses a global mesh of service edges with built-in fault tolerance and redundancy, providing an always-on experience that is far more reliable than our old hardware-based VPN concentrator.
What do I think about the scalability of the solution?
Zscaler Private Access (ZPA) is elastically scalable because it is a software-defined perimeter and not an appliance-based solution. I can instantly scale to support thousands of additional users without needing to upgrade any physical hardware.
How are customer service and support?
The customer support team is very knowledgeable about the ZTNA architecture and Zscaler Trust Portal provides excellent transparency into the health of the global cloud infrastructure.
Which solution did I use previously and why did I switch?
I previously used a traditional legacy VPN. I switched because the VPN was too slow and hard to manage at scale, and it created a major security risk by putting users directly on the network.
How was the initial setup?
Zscaler Private Access (ZPA) is an incredible enabler for modern hybrid work. The initial discovery of legacy applications during setup can sometimes take more time to fine-tune.
What was our ROI?
I have seen a significant return on investment since implementing Zscaler Private Access (ZPA). The ROI is often cited around 289% over the three years of typical enterprises. The key metrics include a 55% reduction in security breach risk and roughly 1.75 million in annual savings on infrastructure and legacy VPN licensing costs.
What's my experience with pricing, setup cost, and licensing?
Zscaler Private Access (ZPA) is priced on a per-user, per-year basis. While it is a premium investment, the short payback period of about 11 months and consolidation of multiple point products make it very cost-effective in the long run.
Which other solutions did I evaluate?
What other advice do I have?
Zscaler Private Access (ZPA) is a cloud-native service hosted on Zscaler's global cloud platform, which has over 150 points of presence. I use lightweight app connectors hosted in our own private data centers and public cloud like AWS or Azure to create secure inside-out connections to our applications. I use majorly the AWS one.
I purchased Zscaler Private Access (ZPA) through the AWS Marketplace, which allows me to simplify procurement, consolidate billing, and apply my Zscaler spend towards existing cloud commitments.
I would advise those looking into Zscaler Private Access (ZPA) to use the AI-powered app segmentation to automatically discover your applications. This feature saves a massive amount of manual configuration time and helps build granular access policies much faster.
My company relies on Zscaler Private Access (ZPA)'s cloud-native architecture to protect our private applications and sensitive data.
I give Zscaler Private Access (ZPA) a rating of 9 out of 10.
Zero Trust Security Makes Remote Work Effortless
What do you like best about the product?
Zero Trust Security enforces least-privilege access and Seamless, VPN-Free Access without the complexity of a traditional VPN. Those make remote work much smoother.
What do you dislike about the product?
Limited Offline Functionality: the application is only designed for online access, so users may encounter issues if temporarily offline or with unstable internet.
What problems is the product solving and how is that benefiting you?
Zscaler Private Access solves the challenges of traditional VPNs, such as slow performance, complex management, and broad network exposure. By providing secure, application-level access instead of full network access, it significantly reduces security risks and prevents lateral movement.
It benefits me by enabling reliable, VPN-free access to internal applications from anywhere, improving user experience and productivity. The Zero Trust model and integration with SSO also simplify access management, strengthen security, and make onboarding and offboarding much more efficient.
It benefits me by enabling reliable, VPN-free access to internal applications from anywhere, improving user experience and productivity. The Zero Trust model and integration with SSO also simplify access management, strengthen security, and make onboarding and offboarding much more efficient.
Zero trust access has transformed remote work and now secures every internal application session
What is our primary use case?
My primary use case for Zscaler Private Access (ZPA) is securing application-level access to internal applications without exposing the network to the public network. Previously, VPN gave users broad network access, which increased the risk capacity. With ZPA, we follow the Zero Trust principle, allowing users access only to the specific applications they are authorized for, and this dramatically improves security and compliance.
A strong example of how I use Zscaler Private Access (ZPA) for securing application-level access occurred during a company-wide shift to remote work, as VPN concentrators were overloaded, causing slow connections and outages. After moving critical apps to ZPA, users connected directly through the Zscaler cloud, and consistent performance significantly helped desk VPN ticket drops. Our remote employees can access applications more smoothly, even from different geographies and networks, especially considering the multiple issues faced during COVID-19. This example correlates all those issues where no one could access all those applications and the exposure over the internet was critical. At the time, there were many gaps, and through ZPA, it is easy to configure and provides easy access to all those internal applications with least privilege access.
What is most valuable?
Zscaler Private Access (ZPA) offers many features, including Zero Trust Network Access, which adheres to the principle of "never trust, always verify." Additionally, it provides application-level access, allowing specification of applications that significantly reduce the risk of lateral movement and eliminate network exposure. There is also the option to create identity-based policies, and since it is a cloud-native architecture, there is no dependency on on-premise or hybrid solutions. In terms of scalability, ZPA supports multi-cloud and hybrid environments while providing a seamless user experience as users connect transparently without the need to launch or manage VPN tunnels, which is a great feature.
Instead of creating VPN accounts with broad permissions, we now grant vendors access to only one application via Zscaler Private Access (ZPA). This approach makes audits easier, improves security, and gives management confidence that external access is tightly controlled and logged without additional network complexity. This is also the best solution for our audit needs since there is no firewall needed; we use remote access solutions that require and provide least privilege access to users, which helps with risk, compliance, governance, and adheres to the Zero Trust principle.
Zscaler Private Access (ZPA) positively impacts my organization through application segmentation and access policy management. On a daily basis, I review access policies, onboard new applications, and validate users based on identity and posture solutions. This method is far safer than traditional subnet-based access, aligning with the Zero Trust architecture principle.
What needs improvement?
After deploying Zscaler Private Access (ZPA), I notice a reduction in VPN-related support tickets, particularly during peak hours, and audits become smoother because access is clearly defined per application. Our incident response team reports improved visibility into user access events, making investigations faster and more accurate. While ZPA greatly improves the management process, the administrative interface could be more intuitive, particularly for troubleshooting scenarios requiring navigation across multiple dashboards and logs during real operational settings, especially in incidents. Simpler visibility into traffic flow and access decisions would significantly speed up root cause analysis.
To improve Zscaler Private Access (ZPA), we need more real-world deployment examples and technical documentation, including step-by-step guides for complex scenarios such as multi-cloud legacy app integration. These resources would help engineers implement and troubleshoot faster, especially during initial rollouts and major environmental changes.
The training costs associated with Zscaler Private Access (ZPA) are very high, and there are few resources available online. This makes understanding customer and employee needs challenging. There are many dependencies on the internet, and it is not straightforward to comprehend the entire infrastructure architecture and how ZPA operates.
I do not give a perfect ten because I notice a lot of dependencies on the TAC, along with complexity in the UI. Sometimes, fully understanding the policy workflow and troubleshooting tools require improvement, especially concerning dashboard usability and diagnostics. There are many restrictions that hinder troubleshooting without a TAC engineer.
For how long have I used the solution?
I have been working with Zscaler Private Access (ZPA) for around two years, having initially deployed it during a phase when remote work demand rapidly increased. Over time, ZPA became a core part of our access strategy, replacing a large part of the VPN community footprint and supporting both permanent employee and external partners' access solutions to internal applications securely.
What do I think about the stability of the solution?
Zscaler Private Access (ZPA) is very stable in production, with extremely rare outages and minimal user complaints. Even during peak usage or mass remote access events, performance remains consistent, which is critical for an enterprise environment handling business-critical applications.
What do I think about the scalability of the solution?
Scalability is one of Zscaler Private Access (ZPA)'s strongest points, allowing us to onboard hundreds of users quickly without altering infrastructure since it is cloud-based. Scaling users or applications does not require any additional hardware or complex restructuring, presenting a significant operational advantage based on subscription counts.
How are customer service and support?
The customer support for Zscaler Private Access (ZPA) is good, responding quickly to tickets and engaging via Zoom sessions.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Previously, we used traditional VPN solutions such as IPsec and SSL VPN, which provided network-level access and posed significant security risks. We switched to ZPA to embrace the Zero Trust approach, reduce the attack surface, and enhance the remote user experience without creating traffic bottlenecks through a centralized VPN gateway.
How was the initial setup?
The biggest impact on my team from Zscaler Private Access (ZPA) is the overhead reduction in timing and monitoring all applications through one GUI base. It is easy to integrate, with no complex configurations required, unlike traditional VPNs, which depend on firewalls and a host of policies. In the current SaaS environment, ZPA offers a good comparison and overview, paired with excellent security and monitoring tools.
What was our ROI?
The cost associated with Zscaler Private Access (ZPA) depends entirely on the number of users and licenses purchased, and while I have not put an extensive focus on return on investment metrics, it is a good cost model.
What's my experience with pricing, setup cost, and licensing?
Regarding pricing, setup costs, and licensing for Zscaler Private Access (ZPA), while it is not the cheapest solution, when you factor in the reduced VPN infrastructure, hardware maintenance, and operational overhead, the cost becomes easier to justify. The simplicity of licensing also aids in scaling the users, allowing it to be viewed more favorably as a viable solution.
Which other solutions did I evaluate?
We evaluated other options from Palo Alto and Fortinet, but Zscaler Private Access (ZPA) stood out due to its cloud-native design, global scalability, and true application-level access model, which aligns better with our long-term Zero Trust strategy.
What other advice do I have?
My advice to others considering Zscaler Private Access (ZPA) is to invest time in application segmentation and identity integrations. ZPA yields the best results when applications are well-classified, and access policies are clearly defined. Additionally, training your operational team early will help them fully leverage the troubleshooting and monitoring capabilities available. The company also provides premium solutions on the TAC side, capable of responding within two to five minutes based on ticket severity levels.
Zscaler Private Access (ZPA) is a mature, enterprise-grade Zero Trust solution that delivers security and operational benefits. It is a great solution and ranks highly in Gartner reports. Recently, I have noticed some shifts in its standing on these reports and some downsides, possibly due to cost issues, so it is vital to ensure all aspects align with licensing costs. I gave this solution a rating of nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
No refresh needed
What do you like best about the product?
The best thing is unlike other VPN tool this application do need the refresh again and again once connected it works very smooth I have been using since long and it's works with great efficiency
What do you dislike about the product?
Nothing to dislike about this so far after using if for more than 6 to 8 months it has no dislike so far will keep updating the it team if needed any updates in future
What problems is the product solving and how is that benefiting you?
Quickly connects to client vpn
Stay remain connected for a week no need to authenticate again and again. Works smooth once connected able to access all the whitelisted internal application
Stay remain connected for a week no need to authenticate again and again. Works smooth once connected able to access all the whitelisted internal application
Strong Security, But Latency Can Be an Issue
What do you like best about the product?
Enjanced security is the perfect feature of zscaler. It prevents where a hacker gets on a network and jumps from one system to another- which is not possible with ZPA
What do you dislike about the product?
Performance & Latency: Because traffic must travel to a Zscaler data center before reaching your application, users may experience "hops" that add latency
What problems is the product solving and how is that benefiting you?
The level of security provided by zscaler because it belives in the principle. Never trust always verify.
In this way, hackers cannot enter our systems and our data can be secure
In this way, hackers cannot enter our systems and our data can be secure
Effortless Remote Access, Minor Performance Hiccups
What do you like best about the product?
I find Zscaler Private Access incredibly easy to use, which is a big plus for me as I don't have to manually connect. It's convenient because it runs in the background, removing extra steps from my daily workflow. This helps me focus on my work instead of worrying about connection issues. I also appreciate the security it offers, and the initial setup was smooth since IT provided clear instructions, leaving me with no issues.
What do you dislike about the product?
Sometimes it feels slower than usual and it is hard to tell if it's the network or the app.
What problems is the product solving and how is that benefiting you?
I use Zscaler Private Access to securely and effortlessly access my company's internal systems remotely, eliminating the need for traditional VPNs. It simplifies my workflow by running in the background and focusing on my work, not on the connection.
Secure Access, but Setup Needs Improvement
What do you like best about the product?
I like that Zscaler Private Access is secure.
What do you dislike about the product?
Setting up process especially when multiple people are using the same computer often doesn't work or is very daunting
What problems is the product solving and how is that benefiting you?
I use Zscaler Private Access to authenticate and access work-specific files, ensuring only authorized people have access.
Exceptionally User-Friendly Experience
What do you like best about the product?
It is user friendly and not complicated. Users like fedex pilots will grant access to it with their employee ID and aithorized with Okta verify which make it more secure.
What do you dislike about the product?
When updating IOS the application faces some problems and requires some troubleshooting steps to be taken in order to fix and that require second help.
What problems is the product solving and how is that benefiting you?
For my work as Fedex ipad support I provide support to pilots ipads and this requires being in the same network with them. And Zscaler provides ease of access to provide this support.
Fast, Seamless Access with Enhanced Security
What do you like best about the product?
Users only get access to the apps they need, not the whole network.
You don’t have to connect to a slow, old-style VPN.
It sends you to the app in the quickest path, so things load faster.
You just open your app, and it works in the background.
Apps stay hidden from the internet, so attackers can’t see them.
You don’t have to connect to a slow, old-style VPN.
It sends you to the app in the quickest path, so things load faster.
You just open your app, and it works in the background.
Apps stay hidden from the internet, so attackers can’t see them.
What do you dislike about the product?
Setup can be tricky – Getting all the rules, apps, and connectors right can take time.
Troubleshooting is not always easy – When something doesn’t work, it can be hard to see why.
Cost – It can be expensive for some organizations.
Troubleshooting is not always easy – When something doesn’t work, it can be hard to see why.
Cost – It can be expensive for some organizations.
What problems is the product solving and how is that benefiting you?
Old VPNs are slow and risky.
Users need access to apps from anywhere, safely.
Hackers can see apps if they are on the network.
Managing who can access what is hard.
Users can safely reach only the apps they need, from anywhere.
Apps stay hidden from the internet, so it’s harder for hackers to attack.
No slow VPN – work is faster and smoother.
Admins can control access easily without giving full network access.
Users need access to apps from anywhere, safely.
Hackers can see apps if they are on the network.
Managing who can access what is hard.
Users can safely reach only the apps they need, from anywhere.
Apps stay hidden from the internet, so it’s harder for hackers to attack.
No slow VPN – work is faster and smoother.
Admins can control access easily without giving full network access.
Secure Access without Speed Compromises
What do you like best about the product?
I like that Zscaler Private Access does not reduce the connection speed; my internet remains just as fast. Also, it is very easy to connect to Zscaler and, so far, I haven't had any problems, unlike other tools I've used in the past. The initial setup was also very easy. I would definitely recommend Zscaler Private Access to a friend or colleague.
What do you dislike about the product?
The only thing I don't like is that after a certain amount of time, it disconnects by itself, and I have to reconnect it. I'm not sure how long, but I would venture to say approximately 3 hours of inactivity. Sometimes I need it to stay connected and it doesn't happen.
What problems is the product solving and how is that benefiting you?
I use Zscaler Private Access to securely connect to my company's services, allowing me to access tools like Cyberark and remote desktop without reducing my connection speed.
showing 11 - 20