Zscaler Internet Access (ZIA)

What do you like best about the product?

I find Zscaler Internet Access pretty solid with its SSL inspection, which allows me to see what's actually going in and out of traffic without having to set up my own infrastructure from scratch. It's really nice and flexible in terms of policy. I can give direct access per user, group, or device. Allowing ports for specific users or devices is a big thing, especially since many threat actors manipulate and abuse open ports. With Zscaler Internet Access, I can control services and ports as well as the destination and source. The ZIA portal took some time to get used to, but once I found where everything is, it's not bad at all. I appreciate how user-friendly it is and how security and connectivity are more convenient—I don’t need to open things manually as Zscaler will do it for me. Plus, authentication plays a huge role. The initial setup was pretty easy, and I appreciate that Zscaler assigns a representative to help configure it until it's deployed to everyone.

What do you dislike about the product?

The whitelisting feature can be confusing and sometimes even if something is whitelisted, it may still not work properly. Also, when something is blocked, the error message is often unclear, only showing 'blocked by Zscaler,' which isn't very helpful. Another issue is that even after whitelisting with SSL Inspection, access might not be granted unless it is whitelisted in another way, such as Cloud apps. Lastly, there could be improvement in rule naming under URL categories, and it would be useful if whitelisting could be made temporary, like just for a few hours.

What problems is the product solving and how is that benefiting you?

I use Zscaler Internet Access for monitoring and controlling internet security. It provides a solid SSL inspection, flexible policies, and control over ports, protecting us from threats. The user-friendly setup and automatic actions enhance security and connectivity without extra infrastructure.

Zscaler Internet Access serves as our primary tool to secure employee outbound internet traffic and protect users from reaching malicious websites. We use it to protect users from web-based threats, enforce web access policies, block malicious websites, and monitor user internet activity through its proxy service, which provides secure internet access to employees in our organization.

A specific example of how I used Zscaler Internet Access to enforce web access policies involved blocking access to malicious websites identified in threat intelligence that users attempted to access through phishing emails with suspicious links. Zscaler Internet Access inspects web traffic and applies security policies before a connection is established between the user and the website. For instance, if a user clicks on a phishing link leading to a malicious website that might unknowingly download malware, Zscaler Internet Access identifies that website as malicious and blocks access immediately, preventing the user from reaching it.

Another use case I would mention regarding Zscaler Internet Access is the visibility it provides from a SOC perspective. As a SOC analyst, having visibility into users' web activity, blocked websites, policy violations, and potential threats is very useful during further investigations in the security field. It helps us maintain a consistent security posture.

Zscaler Internet Access has positively impacted our organization by improving our overall security posture, providing better visibility into the internet traffic our employees access, and protecting users from web-based threats such as phishing websites, malicious downloads, and suspicious sites. This has helped us remain safe from internet threats and improved support for remote users by consistently applying security policies without relying heavily on traditional on-premises security controls.

Zscaler Internet Access has reduced many security incidents for our SOC team. While I do not have exact metrics available, I can confirm that we have definitely seen a reduction in web-related security incidents, and it has also saved investigation time by allowing us to quickly review Zscaler Internet Access logs when a user reports suspicious websites or phishing links to determine whether the connection was allowed or blocked, thereby speeding up our investigation process.

The best features Zscaler Internet Access offers include URL filtering because it acts as a web gateway and allows us to write policy-based access control. The feature I use most is URL filtering, as it helps us control which websites users can access and block malicious or inappropriate sites.

URL filtering makes our day-to-day investigations easier from both security and operational perspectives. It automatically blocks access to known malicious websites and phishing or risky websites before users reach them, thereby reducing the number of security incidents we have to investigate.

Regarding improvements in Zscaler Internet Access, the admin console can sometimes be slow, particularly when navigating through reports or policy configuration. I also believe that troubleshooting tools and policy simulation features could be improved to make policy validation easier.

I have been working as a SOC analyst for two years and ten months entirely within a SOC environment, having started my career in that role.

I have not faced any major outages or downtime with Zscaler Internet Access; it is stable in our environment, and I would rate it nine out of ten in terms of stability.

Being cloud-native, Zscaler Internet Access scales very well and supports growing user numbers without the need for external hardware, and I would rate it nine out of ten for scalability.

I would rate customer support at nine out of ten as they have provided responsive and knowledgeable assistance, and the documentation is quite good.

We evaluated some traditional firewall-based web filtering solutions, but Zscaler Internet Access stood out because of its mature cloud architecture, scalability, and strong security controls. I am not certain about the specific vendors we evaluated, but we did research other tools, and Zscaler Internet Access stood out because of its features.

My advice to others looking into using Zscaler Internet Access is that the tool is good overall, but I recommend spending time understanding policy design and user requirements before deployment. Proper planning and testing of the policies and controls help reduce unnecessary user impact and make the rollout much smoother.

We do not have any business relationship with Zscaler aside from being clients who purchased the product.

I do not have exact numbers regarding the return on investment, but the main returns have come from improved visibility into user internet access, reduced risk from web-based threats, and simplified management that has decreased dependency on our analysts and traditional on-premises security devices.

We have not purchased Zscaler Internet Access through the AWS Marketplace; the licensing process was handled separately by our financial and management team.

We evaluated some traditional firewall-based web filtering solutions, but Zscaler Internet Access stood out because of its mature cloud architecture, scalability, and strong security controls.

A specific example of how I used Zscaler Internet Access to enforce web access policies involved blocking access to malicious websites found in threat intelligence that users attempted to access through phishing emails with suspicious links. Zscaler Internet Access inspects web traffic and applies security policies before a connection is established between the user and the website. For instance, if a user clicks on a phishing link leading to a malicious website that might unknowingly download malware, Zscaler Internet Access identifies that website as malicious and blocks access immediately, preventing the user from reaching it.

Another use case I would mention regarding Zscaler Internet Access is the visibility it provides from a SOC perspective. As a SOC analyst, having visibility into users' web activity, blocked websites, policy violations, and potential threats is very useful during further investigations in the security field. It helps us maintain a consistent security posture. I would rate this product nine out of ten overall.

Public Cloud

Amazon Web Services (AWS)

What do you like best about the product?

I use Zscaler Internet Access daily as a secure cloud-based web gateway to safely route and filter all company internet traffic, especially for remote and hybrid employees. It helps block malware, phishing attempts, and unauthorized web categories before they reach our corporate network. I appreciate its seamless background execution and extremely low latency, as users don't even notice it running because it filters web traffic on the fly without slowing down their internet connection. The cloud-delivered architecture eliminates the need to manage hardware appliances, making security policies instantly global. Additionally, it integrates seamlessly with Azure Active Directory for user identity provisioning and Single Sign On, and we connect it with Splunk SIEM to monitor security logs and analyze traffic data in real time. The onboarding and rollout to our specific team via automated policy profiles was seamless and completely effortless.

What do you dislike about the product?

The false positive rate for domain categorization can sometimes be frustrating, as it occasionally blocks legitimate web resources that users need for daily operations. Additionally, when we push a policy change or add a URL to the exception list in the admin portal, the cloud synchronization can take several minutes to propagate globally, which leads to temporary delays for the end user.

What problems is the product solving and how is that benefiting you?

I use Zscaler Internet Access to secure internet traffic for remote workers without relying on traditional VPNs. It prevents malware and phishing at the cloud level, reducing security tickets. The seamless, low-latency execution maintains productivity and minimizes service desk tickets related to connectivity issues.

What do you like best about the product?

I like how simple and transparent it is, with strong security that doesn’t feel restrictive. It runs seamlessly in the background while still giving me clear visibility into traffic and potential risks.

What do you dislike about the product?

At times it feels overly restrictive, with legitimate websites or tools getting blocked. Troubleshooting can also be slow, especially when it isn’t clear why access was denied in the first place.

What problems is the product solving and how is that benefiting you?

It provides secure internet access wherever I’m working, without having to rely on office networks or VPNs. As a result, I get safer browsing with fewer risks, plus consistent access when I’m working remotely or on client systems.

What do you like best about the product?

It’s a good tool for having centralized access to all client-facing virtual machines. The best part is that it can be accessed over port 443, rather than relying on the typical RDP port.

What do you dislike about the product?

The connection is usually inconsistent. Access control also feels limited because it relies on usernames rather than role-based access. On top of that, access to the clipboard and local drives is terrible.

What problems is the product solving and how is that benefiting you?

It provides single-window access to all my virtual machines, without frequent login prompts. I don’t need to remember separate credentials for each machine, domain, or region, which makes access much simpler.

What do you like best about the product?

Zscaler is a strong zero-trust security model that provides the level of security our organization expects. Connectivity is seamless: once I log in, it connects automatically, and the background processing requires very little effort from the user while still doing its job.

What do you dislike about the product?

I have faced couple of times automatic login issues; It is hard to identify where the application is, especially the icon is bit difficult to identify and troubleshoot the problems. I need to wait until I connect back.

What problems is the product solving and how is that benefiting you?

In our organization we required a strong security for our internet access; consistent to all users i.e. suitable for office, working from home, even global travelers with one security policy; centralized policy management and clear visibility with high scalability for our growing organization

What do you like best about the product?

It’s easy to configure, and it lets me set granular rules based on my requirements. I can also troubleshoot issues more easily with the help of web or fw insights.

What do you dislike about the product?

Sometimes the URL filtering rule does not work as expected. Also, Tunnel 2.0 can cause slowness and increased latency when accessing internet traffic.

What problems is the product solving and how is that benefiting you?

When users are working frok or anywhere we can create the policies and control the trafficso users can only access the traffic which allowed by company

What do you like best about the product?

I really like how Zscaler Internet Access (ZIA) delivers a seamless, secure experience for our remote workforce. Because it’s cloud-native, our security policies are applied consistently no matter where a user is located. The ability to inspect SSL traffic at scale without noticeably impacting performance is a major plus. On top of that, the interface feels intuitive, and the granular control over web access and threat protection gives us real peace of mind about our overall network security and data integrity.

What do you dislike about the product?

While Zscaler is highly effective, the administrative interface can feel a bit overwhelming at first due to the sheer volume of features and granular policies. The learning curve for new administrators is quite steep. Additionally, we occasionally experience minor false positives where legitimate sites or harmless applications are temporarily blocked, requiring manual whitelisting. Finally, navigating the logs to generate highly customized reports can sometimes be less intuitive and slower than expected.

What problems is the product solving and how is that benefiting you?

Zscaler Internet Access solves the complex challenge of securing remote connections and protecting sensitive information without the performance lag of traditional VPNs. In our daily operations, handling confidential client files, financial data, and compliance documents requires non-negotiable security. ZIA ensures that all traffic is rigorously inspected and secured, regardless of where the team is working from. The biggest benefit is the combination of a seamless user experience and complete peace of mind. It allows us to confidently conduct business outreach, connect with external partners, and manage our professional services securely from any location.

What do you like best about the product?

What I like most about Zscaler Internet Access is that it combines strong security with ease of use at the same time, without the need for complex devices or traditional infrastructure management. I appreciate the strong security feature it offers in protecting users from cyber threats such as malicious sites and cyber attacks, and the fact that it allows users to connect to the network securely from anywhere without relying on traditional VPNs. I also consider that it provides a strong level of security, easy centralized management, excellent support for remote work, and high scalability.

What do you dislike about the product?

The performance of Zscaler Internet Access is very good, but there are some areas that can be improved. Firstly, setting up and configuring advanced policies initially can be complex and requires clear technical expertise, especially in large environments. Also, there are challenges in the flexibility of policy application in large and complex environments, where organizing policies and avoiding conflicts between them requires careful planning and continuous management. Additionally, improving the experience of managing exceptions is necessary, as dealing with them frequently can increase the complexity of settings over time if not well organized. One of the improvements that could be beneficial is simplifying the user interface for policy management and making it more user-friendly for new users to reduce the learning curve.

What problems is the product solving and how is that benefiting you?

I find that Zscaler Internet Access helps protect users from cyber threats such as malicious sites, and provides secure remote access without the need to use a traditional VPN.

What do you like best about the product?

I love that Zscaler Internet Access provides strong security and a fast user experience without complexity, as it thoroughly inspects all traffic, including encrypted traffic. It offers comprehensive protection by enabling direct and fast access to applications from anywhere without the need for traditional complex infrastructure like VPNs and firewalls. This combination of security and speed makes using the product comfortable and efficient.

What do you dislike about the product?

Strong in security, but needs improvement in performance, ease of management, and cost.

What problems is the product solving and how is that benefiting you?

I use Zscaler Internet Access to secure browsing, eliminate the complexity of VPNs, and protect data. It provides fast access to applications and enhances security without relying on VPNs or firewalls.