Zscaler Private Access (ZPA)

We are using secure remote access for internal applications, and that's why we are using Zscaler Private Access (ZPA)  now. I work with Zscaler Private Access (ZPA) . I use it just for the VPN functionality.

The best advantage of the product is that it is always on as a VPN, which gives us much more functionality. It is basically easy to use and easy to configure. The solution for Zscaler Private Access (ZPA) is seamless for this.

From a visibility perspective, they have added more content features where we can see security and other aspects through available dashboards. That's the only notable addition, plus they are implementing the overall security architecture of tenants, which gives much more information to work with.

The only room for improvement is the troubleshooting problem with iPhones as of now.

The review should be anonymous; there should not be any personal or business details given. Both should be anonymous.

I have been using it for around four or five years.

The installation and deployments are straightforward; it is just a two-liner process. There is something in the documentation that might need changes, but it's pretty straightforward.

The documentation has to be perfect as it has not been updated for a long time. They need to update it based on the latest version and the commands we use.

The solution is stable enough.

We are using cloud services, but I am not sure about the scalability specifically.

Based on the limited users, this is perfectly fine since we are using only one box, and we haven't faced many issues with that.

I am not happy with the technical support from Zscaler Private Access (ZPA), particularly in India, where reachability is an issue with salespersons. Sometimes we need to reach a salesperson to get issues resolved, especially for mobile problems we're still facing. We lack specific root causes, and it's tough to relay information to users, considering multiple contributors such as phone numbers and internet service providers. We need more visibility on what problems users are facing with reachability.

I would rate technical support six points out of ten.

Neutral

I have not used any other VPNs apart from Zscaler Private Access (ZPA).

I see some ROI in the product. Since we have a very small team, the ROI is around 20% to 30%. I would say 30%.

I am not using AWS Backup  anymore since we spoke almost two years ago. I have a backup solution managed by another team, and there's a discussion about AWS  for backup. I am responsible for the IT security part only.

I do not work with popular vendors such as Palo Alto or Fortinet, as my primary domain is Check Point, and it's all about security. I use Check Point for this purpose. I do not work with the product ZoneAlarm . We use only a specific firewall from Check Point and utilize only the firewall. We are not using Check Point CloudGuard  Web Application Firewall ; we are using a normal firewall, the Firewall as a gateway. The name of the product is Check Point Firewall Gateway.

I am not using a web gateway. We do not use products such as Harmony  or Harmony  Browse. I am using a VPN from Cisco for endpoint protection. I am not using the cloud firewall from Zscaler Private Access (ZPA). I am not working with Zscaler B2B  or ZTNA  as a service.

From a troubleshooting perspective, we face an issue with iPhones affecting about 10% of users. Even when we provide logs, they are not able to figure out what exactly is happening. It's not possible for users to collect logs each time, and this is a peculiar problem happening with 10 to 15 users.

The operational flexibility is very effective; there are no problems, and I did not have any issues with that. The solution is affordable, but there are other parts that could add much more information, which may not be useful for us at the moment, making it a bit expensive. There is also a China-specific solution, which is really expensive.

I agree to share my details with the Zscaler vendor. I do not want to be a reference for Zscaler Private Access (ZPA).

On a scale of 1-10, I rate this solution a 9.

For our main use cases for Zscaler Private Access (ZPA) , it’s providing us a VPN solution for our clients, connecting to data build resources, and providing them security.

It's challenging to explain which features of Zscaler Private Access (ZPA)  are most valuable because the main client is the IT department in our company, and we, as DevOps, are deploying this solution as infrastructure for them. From our case, and as I'm familiar with this tool, the most value is the VPN connection because it provides access for all company members to data builds in a secure way.

Zscaler Private Access (ZPA) does an excellent job offering secure remote access to internal applications for our distributed workforce because it provides a granular way to grant access for specific people with specific applications.

Zscaler Private Access (ZPA) has been very effective in providing operational flexibility during our company's transition to cloud environments, as it helped us significantly, and it was deployed even before we migrated to the cloud itself.

Concerning improvements for Zscaler Private Access (ZPA), we have occasional issues, but I don't think they are related to the product itself; they may be related more to infrastructure problems or something else related to the network because it's a network application.

The current pain points we sometimes experience relate to the additional security applications we have on the laptops, and sometimes I don't know if I didn't get any notification from the application because it's an agent problem or something security-wise blocking this.

I have been using Zscaler Private Access (ZPA) for more than three years.

I would describe my experience deploying Zscaler Private Access (ZPA) as very straightforward, but I think it could allow more automatic ways to deploy and configure instead of having to connect to each new instance manually and configure it.

We didn’t have any issues with Zscaler Private Access (ZPA)’s stability, availability, or reliability.

I don’t know how Zscaler Private Access (ZPA)’s cloud-native architecture is used for scaling within my company, but we do use something deployed in the cloud, and from my perspective, we only deploy the agent, exactly what we took from the marketplace.

As for support from Zscaler Private Access (ZPA), I might have used it, but it’s primarily handled by the IT team.

I know we had something before Zscaler Private Access (ZPA) to address similar needs, but I don’t remember the application name. The decision to move to Zscaler Private Access (ZPA) was possibly because it’s more native in the cloud environment and provides us an easier way to get or configure this.

In regard to other solutions I considered before implementing Zscaler Private Access (ZPA), I don’t know because the decision on what to use and what to install came from management.

Regarding the micro-segmentation feature of Zscaler Private Access (ZPA), I can explain less, and I think the IT team who are managing it can explain better.

I don't know how Zscaler Private Access (ZPA) has helped minimize lateral movement within our network because I don't know how to measure this reduction.

Since implementing Zscaler Private Access (ZPA), I've not noticed any changes in the visibility or monitoring of user access patterns because it's not part of our responsibility. We deploy it, and the IT team is configuring and monitoring it, fixing issues if it's working or not.

I'm not familiar with all benefits from using Zscaler Private Access (ZPA) that I haven't discussed, as I am only familiar with the VPN-related functionality and the segmentation which provides granular security access for the clients.

I rate Zscaler Private Access (ZPA) eight out of ten.

Our use case for Zscaler Private Access (ZPA)  is that it provides Private Access.

Zscaler Private Access (ZPA)  means allowing users access to the internal network in AWS  in a secure way.

I use Zscaler Private Access (ZPA) to secure remote access to internal applications.

The most valuable feature of Zscaler Private Access (ZPA) is the ability to manage access with policies, all in one, which provides our security team the ability to provide the required permission for each team, and also visibility. If something goes wrong, I have a very friendly UI to see what's going wrong, why the user is blocked, or what the issue might be.

Zscaler has allowed an easy, secure way for us to access our internal resources from outside.

Its effectiveness for my organization is mainly security, as users can access those applications only if they have the permission to go through Zscaler.

Zscaler has helped with operational flexibility because when a new employee starts, it's very easy to give them the required permissions. Everything is managed in an Active Directory or Okta in our case, and it's very easy to have the user ready to start working with just a few clicks.

Zscaler Private Access (ZPA) is a very good product, though there are some areas for improvement.

The solution is not scalable; we deploy it in a high-availability environment, but it's not automated. We need to deploy it and ensure it will be available in two different Availability Zones, but it's not something that can be done with automation, such as auto-scaling.

I would appreciate seeing dynamic scaling implemented because it would be beneficial if an instance goes down to automatically start another one.

I have used Zscaler Private Access (ZPA) for a minimum of two to three years.

When we tried to deploy it, the first thing it indicated was that we were not subscribed, so we subscribed, and then the product was available for us.

The solution is not scalable; we deploy it in a high-availability environment, but it's not automated. We need to deploy it and ensure it will be available in two different Availability Zones, but it's not something that can be done with automation, such as auto-scaling.

Regarding auto-scaling or dynamically scaling, I am not familiar with this capability if it exists as a new feature.

I have not worked with customer support, as our IT department takes care of anything that isn't working and requires support.

Positive

The deployment process is actually very easy; we manage it with Terraform , so we are deploying the instance, activating it, and it's ready to go.

After we have the Terraform  set up, it takes just minutes to deploy.

I do not use the micro-segmentation feature.

I'm not exposed to the pricing, so I cannot give feedback on that as I'm just a technical DevOps person deploying it.

Zscaler has helped to manage complexity and cost compared to traditional network architecture.

On a scale of 1-10, I rate Zscaler Private Access (ZPA) a 9.

The main use cases for Zscaler Private Access (ZPA)  include allowing network access. We use it mostly for private laptops and Macs, and we are also using it for communication between EC2s.

I can provide examples of how it has been effective in the organization. We use Zscaler Private Access (ZPA)  to control the communication, mostly for the bands and working groups within the organization itself, so we can have complete control of who can access which resources on Amazon.

The features I appreciate the most about Zscaler Private Access (ZPA) are that it is very easy to use, and we have Terraform  for it, which makes it even easier and very straightforward.

I have utilized the segment feature, and we call it segmentation, though I am not certain if there is a difference between micro-segmentation and segmentation itself.

It has helped my organization in terms of minimizing lateral movement within the network, and I can confirm that.

I have not thought about how Zscaler Private Access (ZPA) can be improved, so I do not have any specific suggestions.

For the next release, I hope to see features that would make Zscaler Private Access (ZPA) even better, but I am quite satisfied with the product, so I am unsure if there is anything better they can implement.

I have used Zscaler Private Access (ZPA) for two years now, as I have been with the company for two years.

I have not used Zscaler Private Access (ZPA)'s cloud-native architecture for scaling.

I have not had to use their customer service or technical support.

Perhaps our IT department did, but I have not had any issues since then.

Positive

In terms of the setup, I am using Terraform  for it, so it is very straightforward. We are using Infrastructure as Code , so I am not certain if there is an interface that can be improved.

I was not involved in the setup as it was implemented before I joined the company.

I have found Zscaler Private Access (ZPA) to be very effective at providing operational flexibility during my organization's transition to cloud environments.

I do not remember the name of any other solutions that were considered before implementing Zscaler Private Access (ZPA), but there were several POCs conducted before the company decided on Zscaler Private Access (ZPA).

It is pretty straightforward and easy to use. On a scale of one to ten, I would rate Zscaler Private Access (ZPA) a ten.

I worked with these organizations for implementing Secure Service Edge and SASE  solutions, including Cloud Access Security Brokers, such as Netskope  and Zscaler.

Zscaler and Netskope  are the main solutions I work with for various use cases.

Based on my experience, I have worked at the enterprise level only, for large companies such as banks and financial institutions that are transitioning from traditional solutions to new secure service edge solutions.

Zscaler has three components. Specifically, Zscaler Internet Access  for secure web access, Zscaler Private Access (ZPA)  that is a replacement of traditional VPN solution for securely accessing internal private applications without giving access to the whole network. It works by giving access to the particular application the user wants to access, and it checks numerous factors before granting access to the particular application, including posture checks, authentication, and authorization. Zscaler Digital Experience is a monitoring tool that monitors all application performance, network performance, and more. It helps us troubleshoot issues in a very short time.

When discussing Zscaler Private Access (ZPA)  mainly, it is very helpful as a replacement for traditional VPN. In traditional VPN, we used to give access to the whole network, which increased attack vectors. Zscaler Private Access (ZPA) is more secure than these particular VPN solutions. We have implemented this solution for enhanced security. As a cybersecurity professional, I approach these answers from a security perspective.

Micro-segmentation, authentication, and authorization are key features in Zscaler Private Access (ZPA). We can implement role-based access and limit user access by creating different groups. For example, if the HR department needs access to only HR applications, we can create specific groups with appropriate access levels. This segregates access and makes it more secure. They also provide features such as browser isolation, which creates a separate browser when users are accessing content, thus creating an isolated environment to prevent attacks.

They provide integrations with various other security tools. The solution utilizes AI capabilities for various detections and responses. The solution has inbuilt AI for all detection capabilities.

Sometimes the team takes more time to provide responses on certain issues, which is why I do not rate it a perfect 10 out of 10.

Overall, with Zscaler, I have worked for around five years, and particularly with Zscaler Private Access (ZPA), I have three years of experience.

The deployment took approximately six months.

Sometimes connection errors occur when users are unable to connect to the particular cloud.

These connection errors started occurring post rollout, not just during the implementation.

For small and medium enterprises, it will be too expensive.

I have worked with the Zscaler technical team.

I would rate them around eight as they were pretty good.

Positive

The traditional solutions were still in use when we migrated to the current solutions. The migration process required extensive documentation and multiple testing phases.

Prices for Zscaler Private Access (ZPA) are higher than traditional solutions, but it provides enhanced security.

Product-wise, I would give Zscaler Private Access (ZPA) a seven. The overall rating for the solution is eight out of ten.