
Overview

Product video
The Cloud Security Connector (CSC) for AWS is an EC2 instance that connects internal AWS resources to Zscaler Internet Access (ZIA). The CSC for AWS lets you connect securely to Zscaler ZIA up to 3 Gbps without hassle. The primary purpose of the CSC family is simplicity. The CSC for AWS comes with all the configurations required, and it works with the Zscaler API. After launching the CSC from the AWS Marketplace using the CloudFormation template provided, the CSC will automatically select the best ZEN nodes, do the GRE tunnels and create the Location on your Zscaler console. All Zscaler ZIA functionalities are available, providing complete visibility of all Internet traffic. In addition, the CSC provides high availability, changing the default route to Zscaler when configured as a High Availability pair and an easy way to manage direct bypasses to trusted sites using your public IP. Includes Private Cloud Private Access (PriCPA) functionality that allows you to create a full mesh among the CSCs communicating your private traffic on a Zero Trust model. It is simple to install and completely manageable using Amazon Systems Manager, Rundeck (or a similar tool, like Ansible, Salt, etc.), and SSH.
Highlights
- The CSC protects your Public (ZIA) and Private (PriCPA) Traffic.
- The CSC is simple to deploy and fully compliant with Zscaler's best practices.
- The CSC provides automatic detection and configuration of the Zscaler Nodes, automatic default route selection for High Availability and easy Bypass functionality.
Details
Unlock automation with AI agent solutions

Features and programs
Financing for AWS Marketplace purchases
Pricing
Free trial
Dimension | Cost/hour |
---|---|
r5.large | $0.18 |
m5n.large | $0.18 |
r5a.xlarge | $0.18 |
m5zn.xlarge | $0.18 |
m5.large | $0.18 |
t2.small | $0.18 |
t3.small | $0.18 |
m5a.xlarge | $0.18 |
t3a.small | $0.18 |
t3a.medium | $0.18 |
Vendor refund policy
We do not currently support refunds, but you can cancel at any time.
How can we make this page better?
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
Cloud Security Connector for Zscaler with PriCPA
The Cloud Security Connector (CSC) for AWS is an EC2 instance that connects internal AWS resources to Zscaler Internet Access (ZIA). The CSC for AWS lets you connect securely to Zscaler ZIA up to 3 Gbps without hassle. The primary purpose of the CSC family is simplicity. The CSC for AWS comes with all the configurations required, and it works with the Zscaler API. After launching the CSC from the AWS Marketplace using the CloudFormation template provided, the CSC will automatically select the best ZEN nodes, do the GRE tunnels and create the Location on your Zscaler console. All Zscaler ZIA functionalities are available, providing complete visibility of all Internet traffic. In addition, the CSC provides high availability, changing the default route to Zscaler when configured as a High Availability pair and an easy way to manage direct bypasses to trusted sites using your public IP. Includes Private Cloud Private Access (PriCPA) functionality that allows you to create a full mesh among the CSCs communicating your private traffic on a Zero Trust model. It is simple to install and completely manageable using Amazon Systems Manager, Rundeck (or a similar tool, like Ansible, Salt, etc.), and SSH
CloudFormation Template (CFT)
AWS CloudFormation templates are JSON or YAML-formatted text files that simplify provisioning and management on AWS. The templates describe the service or application architecture you want to deploy, and AWS CloudFormation uses those templates to provision and configure the required services (such as Amazon EC2 instances or Amazon RDS DB instances). The deployed application and associated resources are called a "stack."
Version release notes
Additional details
Usage instructions
Access the Cloud Security Connector configuration console via SSH to the first IP of the internal interface (eth1, labelled: csc-gre-single-internal-interface), using your SSH key and the user: "cscadmin". Example: ssh -i <yourkey.pem> cscadmin@<eth1 IP> . All Configuration and Monitoring tools are available via menu selection. Alternatively, if you deployed the CSC passing UserData values and registering the SSM Agent, you can check the status "Running Commands" from AWS Systems Manager.
Resources
Vendor resources
Support
Vendor support
We provide support for all our customers via Support Portal. Our response time is usually less than 24 hrs. Support Portal page: http://support.maidenheadbridge.com , Support Email: support@maidenheadbridge.comÂ
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.


FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
Standard contract
Customer reviews
Prevents the end-user system from being compromised and good integration capabilities
What is our primary use case?
This solution is for hybrid users who work from anywhere. It's like an end-user firewall. We can have restrictions on the end-user. If they come to the office, we have the infrastructure set up, and we can restrict access.Â
But if they are connecting to the office from a personal network, like when working from home, we don't have any visibility. That is where Zscaler will help us get control over the end user. Wherever they are, on any network, the organization policy will be pushed to the end-user.
What is most valuable?
It is very beneficial in preventing the end-user system from being compromised. It can give visibility on the end user's internet access. If the user is accessing any malicious content, suspicious things, or phishing attacks, those things can be mitigated by using Zscaler. Those kinds of traffic will be blocked. That is one of the advantages.
What needs improvement?
If there are any issues at the network level, such as users working from home, then it is very hard to catch up with them and resolve issues on the end-user machine.Â
If the user doesn't have internet access because of Zscaler... Sometimes, it might be a rare case, but it is very challenging for us to take action because they don't have internet. It can be difficult for us to troubleshoot.
The user accessibility; it is better to improve that for control accessing and configuring. It's very complicated to do the configuration. The IT job is a little bit complicated. Those who have the experience can do that. It's not easy or handy to use this tool.
What do I think about the stability of the solution?
It has good stability, and it is very secure in terms of security. Â
What do I think about the scalability of the solution?
Scalability is complicated. I would rate it an eight out of ten. It can support more than 10,000 end users.
How are customer service and support?
We have used tech support to solve some kind of issues, network issues, or any product-level issues. We used to connect with the tech support of Zscaler.
Sometimes we used to get faster support. If it's an issue with the product level, then it will take some time. That's also fast only. The support is good from their end.
Which solution did I use previously and why did I switch?
We used to use FortiSASE from Fortinet. It follows the same zero-trust security access concept. It is also in the same picture. But if you compare it to Zscaler, Zscaler is better compared to FortiGate.
Zscaler is very secure, and it has more features, like application segmentation, where only trusted users can access limited resources within the private environment.
How was the initial setup?
The deployment time depends on the environment and how many users are there. For example, for a hundred users, we can complete the deployment within two weeks.
It can integrate with multiple third-party solutions like Microsoft for authentication purposes, and Splunk, QRadar, and any antivirus solutions if they have them. It is feasible to integrate with third parties so that we can get access together to protect the end-users and the environment.
What about the implementation team?
It requires around ten people, dedicated engineers, to manage this.
What was our ROI?
From the security perspective, it has a layered approach for the connector. But with FortiGate, it's like simply connecting to the network, and it doesn't have that much security.
What's my experience with pricing, setup cost, and licensing?
It is a little bit too costly because of the maintenance and the product scalability. It is a little bit costly compared to other products, and it has more features compared to them. That is where the pricing seems more.
What other advice do I have?
I would rate it a nine out of ten. It is recommended for hybrid users, where the work-from-anywhere concept is followed. It is very useful for them to get complete visibility on the end-user and to secure their environment by bridging from outside.
A fast and scalable solution that is secure and can be modified according to the customers’ requirements
What is our primary use case?
We use the solution to connect private applications in the data center or the SaaS applications on the cloud.
What is most valuable?
The solution is secure.
What needs improvement?
The connectivity could be faster. Sometimes, the issue is internal.
For how long have I used the solution?
I have been using the solution for two years.
What do I think about the stability of the solution?
The product is pretty stable. It has a set of compliance that it follows. It is flexible. We can modify it according to our requirements. I rate the stability a nine out of ten. Sometimes, there are issues with the internet and cloud connectivity.
What do I think about the scalability of the solution?
We have 500 users in our organization. The product is completely scalable. We can scale it up to 20,000 easily.
How are customer service and support?
We contact the support team two or three times a year if we need to change some configuration. The technical team is good. The team works on our requests according to the priority levels assigned. The team calls us quickly if we raise a P1 request.
How was the initial setup?
The tool is easy to deploy. We have to deploy the agent on the user’s machine. The agent takes 20 minutes to be installed. The tool is deployed in the data center. If the prerequisites are set up already, the product can be deployed in two or three hours.
It is a cloud-based solution. We need two support engineers and one senior resource with more than seven years of experience in networking to deploy and maintain the tool. We need one product manager for coordination.
What about the implementation team?
The deployment can be done in-house.
What was our ROI?
The solution provides security. The users can access the application securely. The user experience is also good. The solution improves the latency and connectivity. When we connect through our legacy solution or VPN, we face delays. Zscaler is a fast solution.
What's my experience with pricing, setup cost, and licensing?
Price is not a problem. We prefer Zscaler because it is a secure product.
Which other solutions did I evaluate?
We also evaluated Forcepoint. We did a POC and demo of the solutions. We evaluated the products based on the use cases and their performance. Then, we chose Zscaler.
What other advice do I have?
Once the sales activity and upgrades were complete, we requested some licenses and started utilizing them. I will recommend the solution to others. Organizations must remove the bottlenecks and latency issues before converting from the legacy VPN connectivity to Zscaler. Otherwise, we will face some connectivity issues. Overall, I rate the tool a nine out of ten.