Sold by: Maidenhead Bridge
Deployed on AWS
Free Trial
The Cloud Security Connector is the most straightforward way to connect to Zscaler (ZIA) solution with High Availability, protecting public and private traffic.
4.3
Overview
The Cloud Security Connector (CSC) for AWS is an EC2 instance that connects internal AWS resources to Zscaler Internet Access (ZIA). The CSC for AWS lets you connect securely to Zscaler ZIA up to 3 Gbps without hassle. The primary purpose of the CSC family is simplicity. The CSC for AWS comes with all the configurations required, and it works with the Zscaler API. After launching the CSC from the AWS Marketplace using the CloudFormation template provided, the CSC will automatically select the best ZEN nodes, do the GRE tunnels and create the Location on your Zscaler console. All Zscaler ZIA functionalities are available, providing complete visibility of all Internet traffic. In addition, the CSC provides high availability, changing the default route to Zscaler when configured as a High Availability pair and an easy way to manage direct bypasses to trusted sites using your public IP. Includes Private Cloud Private Access (PriCPA) functionality that allows you to create a full mesh among the CSCs communicating your private traffic on a Zero Trust model. It is simple to install and completely manageable using Amazon Systems Manager, Rundeck (or a similar tool, like Ansible, Salt, etc.), and SSH.
Highlights
- The CSC protects your Public (ZIA) and Private (PriCPA) Traffic.
- The CSC is simple to deploy and fully compliant with Zscaler's best practices.
- The CSC provides automatic detection and configuration of the Zscaler Nodes, automatic default route selection for High Availability and easy Bypass functionality.
Details
Sold by
Categories
Delivery method
Delivery option
Cloud Security Connector for Zscaler with PriCPA
Latest version
Operating system
Ubuntu 24.04 LTS (Noble Numbat)
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free for 30 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/hour |
|---|---|
r5.large | $0.18 |
m5n.large | $0.18 |
r5a.xlarge | $0.18 |
m5zn.xlarge | $0.18 |
m5.large | $0.18 |
t2.small | $0.18 |
t3.small | $0.18 |
m5a.xlarge | $0.18 |
t3a.small | $0.18 |
t3a.medium | $0.18 |
Vendor refund policy
We do not currently support refunds, but you can cancel at any time.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Cloud Security Connector for Zscaler with PriCPA
The Cloud Security Connector (CSC) for AWS is an EC2 instance that connects internal AWS resources to Zscaler Internet Access (ZIA). The CSC for AWS lets you connect securely to Zscaler ZIA up to 3 Gbps without hassle. The primary purpose of the CSC family is simplicity. The CSC for AWS comes with all the configurations required, and it works with the Zscaler API. After launching the CSC from the AWS Marketplace using the CloudFormation template provided, the CSC will automatically select the best ZEN nodes, do the GRE tunnels and create the Location on your Zscaler console. All Zscaler ZIA functionalities are available, providing complete visibility of all Internet traffic. In addition, the CSC provides high availability, changing the default route to Zscaler when configured as a High Availability pair and an easy way to manage direct bypasses to trusted sites using your public IP. Includes Private Cloud Private Access (PriCPA) functionality that allows you to create a full mesh among the CSCs communicating your private traffic on a Zero Trust model. It is simple to install and completely manageable using Amazon Systems Manager, Rundeck (or a similar tool, like Ansible, Salt, etc.), and SSH
CloudFormation Template (CFT)
AWS CloudFormation templates are JSON or YAML-formatted text files that simplify provisioning and management on AWS. The templates describe the service or application architecture you want to deploy, and AWS CloudFormation uses those templates to provision and configure the required services (such as Amazon EC2 instances or Amazon RDS DB instances). The deployed application and associated resources are called a "stack."
Version release notes
Additional details
Usage instructions
Access the Cloud Security Connector configuration console via SSH to the first IP of the internal interface (eth1, labelled: csc-gre-single-internal-interface), using your SSH key and the user: "cscadmin". Example: ssh -i <yourkey.pem> cscadmin@<eth1 IP> . All Configuration and Monitoring tools are available via menu selection. Alternatively, if you deployed the CSC passing UserData values and registering the SSM Agent, you can check the status "Running Commands" from AWS Systems Manager.
Resources
Vendor resources
Support
Vendor support
We provide support for all our customers via Support Portal. Our response time is usually less than 24 hrs. Support Portal page: http://support.maidenheadbridge.com , Support Email: support@maidenheadbridge.com
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Maidenhead Bridge
By Zscaler, Inc.
By Tailscale
Top
100
In Network Infrastructure, Security
Top
25
In Network Infrastructure, Infrastructure as Code
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Network Traffic Routing
"Automated routing of public and private network traffic through Zscaler Internet Access (ZIA) with up to 3 Gbps throughput"
High Availability Configuration
"Supports high availability deployment with automatic ZEN node selection and dynamic default route switching"
API Integration
"Native integration with Zscaler API for automatic configuration and management of network connections"
Zero Trust Access Model
"Implements Private Cloud Private Access (PriCPA) for creating full mesh communication with zero trust network principles"
Cloud Management
"Fully manageable through Amazon Systems Manager, SSH, and configuration management tools like Rundeck, Ansible, and Salt"
Content Inspection
Patented ByteScan engine performs inline content inspection for all traffic, including SSL traffic with minimal latency
Threat Detection
Real-time threat correlation using dynamic risk computation for web page objects and domains
Cloud Security Update
Delivers over 175,000 unique security updates daily with immediate threat blocking across global cloud infrastructure
Distributed Cloud Architecture
Globally distributed cloud-native security platform that eliminates traditional gateway appliance approaches
Advanced Threat Protection
Comprehensive security services including Sandbox, Firewall, and Data Loss Prevention (DLP) capabilities
Network Protocol
Secure networking solution built on WireGuard protocol with end-to-end encrypted connectivity across platforms and infrastructure
Identity Access Control
Network access management using user and service identities with integration capabilities for multiple identity providers like Google, Microsoft Entra ID, and Okta
Network Topology
Flexible zero-trust network architecture supporting peer-to-peer, mesh, and subnet-connected network configurations with decentralized design
Connectivity Resilience
Network connectivity maintenance across NATs, firewalls, and network changes with MagicDNS and static IP addressing capabilities
Security Mechanism
Automatic API key expiration, invisible network traffic, and comprehensive end-to-end encryption for secure network communication
Standard contract
No
No
Customer reviews
Jaspreet k
Addressed complex learning curve yet has improved automated routing and cloud security visibility
Reviewed on Dec 13, 2025
Review from a verified AWS customer
What is our primary use case?
In our current organization, we have been using Cloud Security Connector for Zscaler by Maiden Edge, Maidenhead Bridge for almost two and a half years. They are providing us specialized virtual appliances to simplify and secure connectivity between cloud environments. For our case, this involves AWS and Zscaler Internet Access , with a focus on zero trust and high availability, and it also helps with performance enhancement.
Our main use case for Cloud Security Connector for Zscaler is that we have been using it as a pre-configured virtual machine that we deploy on our AWS system with minimal networking requirements. This connector helps us automate Zscaler node detection and route selection, which reduces the manual configuration and operational burden for our organization's administrators. Management is quite straightforward through it being available with SSH and AWS System Manager. The appliance also includes built-in utilities for traffic monitoring and troubleshooting and log export to syslog. Our day-to-day use case is primarily that it helps us automate Zscaler node detection and route selection.
Automating node detection and route selection has helped us reduce the number of errors we were getting and made Zscaler more reliable and less dependent on Zscaler directly. Before using this solution with Zscaler, the Zscaler used to malfunction frequently, impacting our productivity. After implementing Cloud Security Connector for Zscaler along with Zscaler, we have seen positive effects, saving time as well as resources, which has left a very good impression on us.
How has it helped my organization?
Cloud Security Connector for Zscaler has positively impacted our organization by helping us in our cloud environment to connect our resources to Zscaler, ensuring that security policies are consistent with zero-trust access and increasing reliability by 28%. It has also helped us with site-to-cloud networking at high performance, optimizing performance and reducing the bottlenecks of cloud connectivity, saving resources and time by at least 78%. Additionally, it has automated workloads using Cloud Security Connector for Zscaler's high availability and ensured that connectivity is uninterrupted to Zscaler, even during network outages or maintenance.
What is most valuable?
Cloud Security Connector for Zscaler offers multiple features, but the major feature I love specifically is automated Zscaler node detection, which helps detect any kind of problem first. Additionally, it is available all the time, providing high availability routing for seamless failover, which is one of my favorite features. It also provides Layer 4 routed bypass for TCP, UDP, and ICMP traffic, enabling granular traffic control that streamlines our services working with Zscaler. It has provided complete visibility of internal IPs on the Zscaler console, allowing us to monitor and troubleshoot whenever there is a problem, making things transparent and easy for us to monitor. The integration with SIEM or syslog enhances centralized log management for our organization.
What needs improvement?
I feel that they are doing great with Cloud Security Connector for Zscaler. If I need to suggest an improvement, it would be to simplify the steep learning curve, as it can be complex for newcomers without prior experience. Apart from that, I did not face any challenges with them in these two and a half years.
For how long have I used the solution?
I have been working in my current field for almost 10 years.
What do I think about the scalability of the solution?
Cloud Security Connector for Zscaler's scalability is definitely impressive, as it has handled growth and changes in our organization well. Whenever we have increased our employees and the number of users, it has contributed positively to our growth without any scalability issues.
How are customer service and support?
We reached out to customer support three weeks back due to an issue where Zscaler got stuck, and they identified and solved the problem within 45 minutes, which is exceptional. I give them a 10 out of 10 for customer support.
How would you rate customer service and support?
Positive
How was the initial setup?
The deployment of Cloud Security Connector for Zscaler in our environment is very straightforward with the option to pass configuration parameters via user data during initial setup. The connector integrates seamlessly with cloud-native services, in our case AWS, and it also works with load balancers, firewalls, and monitoring solutions, making the deployment straightforward and easy, with no challenges I remember in our organization.
The configuration process for Cloud Security Connector for Zscaler is excellent. We did not encounter any challenges, and it was very smooth. Even if it is complex, the team is always there to help, and customer service is excellent—always there to assist with deployment or configuration challenges.
What was our ROI?
We have definitely seen a return on investment with Cloud Security Connector for Zscaler, saving us money by at least 20 to 25%. In terms of time, we have saved at least 22 to 25% related to security and automation. The employees have become more productive and focused on the right direction.
What's my experience with pricing, setup cost, and licensing?
The experience with pricing, setup cost, and licensing for Cloud Security Connector for Zscaler is definitely competitive. They provide us a good cost, and since we obtained it through AWS Marketplace , we are well supported in this area.
Which other solutions did I evaluate?
We did not use a different solution, but we have evaluated some alternatives, including Fortinet SASE , Cisco Umbrella , Netskope Security Cloud, and Palo Alto Networks Prisma Access .
Before choosing Cloud Security Connector for Zscaler, we definitely evaluated other options and looked at several solutions. We chose Cloud Security Connector for Zscaler because it is a scalable solution. Increasing the number of seats or users did not show any signs of crashing or lagging.
What other advice do I have?
One more thing I want to mention is the built-in tools for testing and troubleshooting, which include traffic logs, TCP dump, speed test, and MTR.
Everything else is good. The user interface is very attractive and does not require any change.
If you are looking into using Cloud Security Connector for Zscaler, I recommend it highly if you are committed to Zscaler and want a very simple automated GRE and IP routing from Azure , AWS, or GCP, without having to manage tunnels or custom NVA designs yourself.
Cloud Security Connector for Zscaler is a good solution that can help your Zscaler work better and secure your environment more effectively. It can also integrate with multiple cloud platforms like Azure , AWS, and GCP, making it a must-have solution for organizations based on my observation. I provide this review with an overall rating of 4 out of 5.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Tejesh S
Prevents the end-user system from being compromised and good integration capabilities
Reviewed on Aug 07, 2024
Review provided by PeerSpot
What is our primary use case?
This solution is for hybrid users who work from anywhere. It's like an end-user firewall. We can have restrictions on the end-user. If they come to the office, we have the infrastructure set up, and we can restrict access.
But if they are connecting to the office from a personal network, like when working from home, we don't have any visibility. That is where Zscaler will help us get control over the end user. Wherever they are, on any network, the organization policy will be pushed to the end-user.
What is most valuable?
It is very beneficial in preventing the end-user system from being compromised. It can give visibility on the end user's internet access. If the user is accessing any malicious content, suspicious things, or phishing attacks, those things can be mitigated by using Zscaler. Those kinds of traffic will be blocked. That is one of the advantages.
What needs improvement?
If there are any issues at the network level, such as users working from home, then it is very hard to catch up with them and resolve issues on the end-user machine.
If the user doesn't have internet access because of Zscaler... Sometimes, it might be a rare case, but it is very challenging for us to take action because they don't have internet. It can be difficult for us to troubleshoot.
The user accessibility; it is better to improve that for control accessing and configuring. It's very complicated to do the configuration. The IT job is a little bit complicated. Those who have the experience can do that. It's not easy or handy to use this tool.
What do I think about the stability of the solution?
It has good stability, and it is very secure in terms of security.
What do I think about the scalability of the solution?
Scalability is complicated. I would rate it an eight out of ten. It can support more than 10,000 end users.
How are customer service and support?
We have used tech support to solve some kind of issues, network issues, or any product-level issues. We used to connect with the tech support of Zscaler.
Sometimes we used to get faster support. If it's an issue with the product level, then it will take some time. That's also fast only. The support is good from their end.
Which solution did I use previously and why did I switch?
We used to use FortiSASE from Fortinet. It follows the same zero-trust security access concept. It is also in the same picture. But if you compare it to Zscaler, Zscaler is better compared to FortiGate.
Zscaler is very secure, and it has more features, like application segmentation, where only trusted users can access limited resources within the private environment.
How was the initial setup?
The deployment time depends on the environment and how many users are there. For example, for a hundred users, we can complete the deployment within two weeks.
It can integrate with multiple third-party solutions like Microsoft for authentication purposes, and Splunk, QRadar, and any antivirus solutions if they have them. It is feasible to integrate with third parties so that we can get access together to protect the end-users and the environment.
What about the implementation team?
It requires around ten people, dedicated engineers, to manage this.
What was our ROI?
From the security perspective, it has a layered approach for the connector. But with FortiGate, it's like simply connecting to the network, and it doesn't have that much security.
What's my experience with pricing, setup cost, and licensing?
It is a little bit too costly because of the maintenance and the product scalability. It is a little bit costly compared to other products, and it has more features compared to them. That is where the pricing seems more.
What other advice do I have?
I would rate it a nine out of ten. It is recommended for hybrid users, where the work-from-anywhere concept is followed. It is very useful for them to get complete visibility on the end-user and to secure their environment by bridging from outside.
Deepak Nagar
A fast and scalable solution that is secure and can be modified according to the customers’ requirements
Reviewed on Jan 18, 2024
Review provided by PeerSpot
What is our primary use case?
We use the solution to connect private applications in the data center or the SaaS applications on the cloud.
What is most valuable?
The solution is secure.
What needs improvement?
The connectivity could be faster. Sometimes, the issue is internal.
For how long have I used the solution?
I have been using the solution for two years.
What do I think about the stability of the solution?
The product is pretty stable. It has a set of compliance that it follows. It is flexible. We can modify it according to our requirements. I rate the stability a nine out of ten. Sometimes, there are issues with the internet and cloud connectivity.
What do I think about the scalability of the solution?
We have 500 users in our organization. The product is completely scalable. We can scale it up to 20,000 easily.
How are customer service and support?
We contact the support team two or three times a year if we need to change some configuration. The technical team is good. The team works on our requests according to the priority levels assigned. The team calls us quickly if we raise a P1 request.
How was the initial setup?
The tool is easy to deploy. We have to deploy the agent on the user’s machine. The agent takes 20 minutes to be installed. The tool is deployed in the data center. If the prerequisites are set up already, the product can be deployed in two or three hours.
It is a cloud-based solution. We need two support engineers and one senior resource with more than seven years of experience in networking to deploy and maintain the tool. We need one product manager for coordination.
What about the implementation team?
The deployment can be done in-house.
What was our ROI?
The solution provides security. The users can access the application securely. The user experience is also good. The solution improves the latency and connectivity. When we connect through our legacy solution or VPN, we face delays. Zscaler is a fast solution.
What's my experience with pricing, setup cost, and licensing?
Price is not a problem. We prefer Zscaler because it is a secure product.
Which other solutions did I evaluate?
We also evaluated Forcepoint. We did a POC and demo of the solutions. We evaluated the products based on the use cases and their performance. Then, we chose Zscaler.
What other advice do I have?
Once the sales activity and upgrades were complete, we requested some licenses and started utilizing them. I will recommend the solution to others. Organizations must remove the bottlenecks and latency issues before converting from the legacy VPN connectivity to Zscaler. Otherwise, we will face some connectivity issues. Overall, I rate the tool a nine out of ten.