Listing Thumbnail

    Cloud Security Connector for Zscaler (ZIA) with PriCPA

     Info
    Deployed on AWS
    Free Trial
    The Cloud Security Connector is the most straightforward way to connect to Zscaler (ZIA) solution with High Availability, protecting public and private traffic.

    Overview

    Play video

    The Cloud Security Connector (CSC) for AWS is an EC2 instance that connects internal AWS resources to Zscaler Internet Access (ZIA). The CSC for AWS lets you connect securely to Zscaler ZIA up to 3 Gbps without hassle. The primary purpose of the CSC family is simplicity. The CSC for AWS comes with all the configurations required, and it works with the Zscaler API. After launching the CSC from the AWS Marketplace using the CloudFormation template provided, the CSC will automatically select the best ZEN nodes, do the GRE tunnels and create the Location on your Zscaler console. All Zscaler ZIA functionalities are available, providing complete visibility of all Internet traffic. In addition, the CSC provides high availability, changing the default route to Zscaler when configured as a High Availability pair and an easy way to manage direct bypasses to trusted sites using your public IP. Includes Private Cloud Private Access (PriCPA) functionality that allows you to create a full mesh among the CSCs communicating your private traffic on a Zero Trust model. It is simple to install and completely manageable using Amazon Systems Manager, Rundeck (or a similar tool, like Ansible, Salt, etc.), and SSH.

    Highlights

    • The CSC protects your Public (ZIA) and Private (PriCPA) Traffic.
    • The CSC is simple to deploy and fully compliant with Zscaler's best practices.
    • The CSC provides automatic detection and configuration of the Zscaler Nodes, automatic default route selection for High Availability and easy Bypass functionality.

    Details

    Delivery method

    Delivery option
    Cloud Security Connector for Zscaler with PriCPA

    Latest version

    Operating system
    Ubuntu 22.04 LTS (Jammy Jellyfish)

    Deployed on AWS

    Unlock automation with AI agent solutions

    Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
    AI Agents

    Features and programs

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
    Financing for AWS Marketplace purchases

    Pricing

    Free trial

    Try this product free for 30 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.

    Cloud Security Connector for Zscaler (ZIA) with PriCPA

     Info
    Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator  to estimate your infrastructure costs.

    Usage costs (20)

     Info
    Dimension
    Cost/hour
    r5.large
    $0.18
    m5n.large
    $0.18
    r5a.xlarge
    $0.18
    m5zn.xlarge
    $0.18
    m5.large
    $0.18
    t2.small
    $0.18
    t3.small
    $0.18
    m5a.xlarge
    $0.18
    t3a.small
    $0.18
    t3a.medium
    $0.18

    Vendor refund policy

    We do not currently support refunds, but you can cancel at any time.

    How can we make this page better?

    We'd like to hear your feedback and ideas on how to improve this page.
    We'd like to hear your feedback and ideas on how to improve this page.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    Cloud Security Connector for Zscaler with PriCPA

    The Cloud Security Connector (CSC) for AWS is an EC2 instance that connects internal AWS resources to Zscaler Internet Access (ZIA). The CSC for AWS lets you connect securely to Zscaler ZIA up to 3 Gbps without hassle. The primary purpose of the CSC family is simplicity. The CSC for AWS comes with all the configurations required, and it works with the Zscaler API. After launching the CSC from the AWS Marketplace using the CloudFormation template provided, the CSC will automatically select the best ZEN nodes, do the GRE tunnels and create the Location on your Zscaler console. All Zscaler ZIA functionalities are available, providing complete visibility of all Internet traffic. In addition, the CSC provides high availability, changing the default route to Zscaler when configured as a High Availability pair and an easy way to manage direct bypasses to trusted sites using your public IP. Includes Private Cloud Private Access (PriCPA) functionality that allows you to create a full mesh among the CSCs communicating your private traffic on a Zero Trust model. It is simple to install and completely manageable using Amazon Systems Manager, Rundeck (or a similar tool, like Ansible, Salt, etc.), and SSH

    CloudFormation Template (CFT)

    AWS CloudFormation templates are JSON or YAML-formatted text files that simplify provisioning and management on AWS. The templates describe the service or application architecture you want to deploy, and AWS CloudFormation uses those templates to provision and configure the required services (such as Amazon EC2 instances or Amazon RDS DB instances). The deployed application and associated resources are called a "stack."

    Additional details

    Usage instructions

    Access the Cloud Security Connector configuration console via SSH to the first IP of the internal interface (eth1, labelled: csc-gre-single-internal-interface), using your SSH key and the user: "cscadmin". Example: ssh -i <yourkey.pem> cscadmin@<eth1 IP> . All Configuration and Monitoring tools are available via menu selection. Alternatively, if you deployed the CSC passing UserData values and registering the SSM Agent, you can check the status "Running Commands" from AWS Systems Manager.

    Support

    Vendor support

    We provide support for all our customers via Support Portal. Our response time is usually less than 24 hrs. Support Portal page: http://support.maidenheadbridge.com , Support Email: support@maidenheadbridge.com 

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Product comparison

     Info
    Updated weekly

    Accolades

     Info
    Top
    100
    In Network Infrastructure, Security
    Top
    50
    In Network Infrastructure

    Customer reviews

     Info
    Sentiment is AI generated from actual customer reviews on AWS and G2
    Reviews
    Functionality
    Ease of use
    Customer service
    Cost effectiveness
    0 reviews
    Insufficient data
    Insufficient data
    Insufficient data
    Insufficient data
    0 reviews
    Insufficient data
    Insufficient data
    Insufficient data
    Insufficient data
    Positive reviews
    Mixed reviews
    Negative reviews

    Overview

     Info
    AI generated from product descriptions
    Network Traffic Routing
    "Automated routing of public and private network traffic through Zscaler Internet Access (ZIA) with up to 3 Gbps throughput"
    High Availability Configuration
    "Supports high availability deployment with automatic ZEN node selection and dynamic default route switching"
    API Integration
    "Native integration with Zscaler API for automatic configuration and management of network connections"
    Zero Trust Access Model
    "Implements Private Cloud Private Access (PriCPA) for creating full mesh communication with zero trust network principles"
    Cloud Management
    "Fully manageable through Amazon Systems Manager, SSH, and configuration management tools like Rundeck, Ansible, and Salt"
    Content Inspection
    Patented ByteScan engine performs inline content inspection for all traffic, including SSL traffic with minimal latency
    Threat Detection
    Real-time threat correlation using dynamic risk computation for web page objects and domains
    Cloud Security Update
    Delivers over 175,000 unique security updates daily with immediate threat blocking across global cloud infrastructure
    Distributed Cloud Architecture
    Globally distributed cloud-native security platform that eliminates traditional gateway appliance approaches
    Advanced Threat Protection
    Comprehensive security services including Sandbox, Firewall, and Data Loss Prevention (DLP) capabilities
    Zero-Trust Network Architecture
    Implements CSA Software Defined Perimeter (SDP) standard with dynamic trust-based access control and granular authorization mechanisms
    Multi-Platform Device Support
    Supports access across Windows, MacOS, Android, iOS, Linux, and web browsers with comprehensive device compatibility
    Distributed Security Gateway
    Utilizes distributed security gateway clusters to optimize network transmission and handle high concurrency access scenarios
    Identity Authentication
    Integrates advanced identity authentication mechanisms for secure and controlled remote access environments
    Network Concealment Technology
    Employs network obfuscation techniques to reduce potential attack surfaces and minimize security risks

    Security credentials

     Info
    Validated by AWS Marketplace
    FedRAMP
    GDPR
    HIPAA
    ISO/IEC 27001
    PCI DSS
    SOC 2 Type 2
    No security profile
    -
    -
    -
    No security profile

    Contract

     Info
    Standard contract
    No
    No

    Customer reviews

    Ratings and reviews

     Info
    0 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    0%
    0%
    0%
    0%
    0%
    0 AWS reviews
    |
    2 external reviews
    Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
    Tejesh S

    Prevents the end-user system from being compromised and good integration capabilities

    Reviewed on Aug 07, 2024
    Review provided by PeerSpot

    What is our primary use case?

    This solution is for hybrid users who work from anywhere. It's like an end-user firewall. We can have restrictions on the end-user. If they come to the office, we have the infrastructure set up, and we can restrict access. 

    But if they are connecting to the office from a personal network, like when working from home, we don't have any visibility. That is where Zscaler will help us get control over the end user. Wherever they are, on any network, the organization policy will be pushed to the end-user.

    What is most valuable?

    It is very beneficial in preventing the end-user system from being compromised. It can give visibility on the end user's internet access. If the user is accessing any malicious content, suspicious things, or phishing attacks, those things can be mitigated by using Zscaler. Those kinds of traffic will be blocked. That is one of the advantages.

    What needs improvement?

    If there are any issues at the network level, such as users working from home, then it is very hard to catch up with them and resolve issues on the end-user machine. 

    If the user doesn't have internet access because of Zscaler... Sometimes, it might be a rare case, but it is very challenging for us to take action because they don't have internet. It can be difficult for us to troubleshoot.

    The user accessibility; it is better to improve that for control accessing and configuring. It's very complicated to do the configuration. The IT job is a little bit complicated. Those who have the experience can do that. It's not easy or handy to use this tool.

    What do I think about the stability of the solution?

    It has good stability, and it is very secure in terms of security.  

    What do I think about the scalability of the solution?

    Scalability is complicated. I would rate it an eight out of ten. It can support more than 10,000 end users.

    How are customer service and support?

    We have used tech support to solve some kind of issues, network issues, or any product-level issues. We used to connect with the tech support of Zscaler.

    Sometimes we used to get faster support. If it's an issue with the product level, then it will take some time. That's also fast only. The support is good from their end.

    Which solution did I use previously and why did I switch?

    We used to use FortiSASE from Fortinet. It follows the same zero-trust security access concept. It is also in the same picture. But if you compare it to Zscaler, Zscaler is better compared to FortiGate.

    Zscaler is very secure, and it has more features, like application segmentation, where only trusted users can access limited resources within the private environment.

    How was the initial setup?

    The deployment time depends on the environment and how many users are there. For example, for a hundred users, we can complete the deployment within two weeks.

    It can integrate with multiple third-party solutions like Microsoft for authentication purposes, and Splunk, QRadar, and any antivirus solutions if they have them. It is feasible to integrate with third parties so that we can get access together to protect the end-users and the environment.

    What about the implementation team?

    It requires around ten people, dedicated engineers, to manage this.

    What was our ROI?

    From the security perspective, it has a layered approach for the connector. But with FortiGate, it's like simply connecting to the network, and it doesn't have that much security.

    What's my experience with pricing, setup cost, and licensing?

    It is a little bit too costly because of the maintenance and the product scalability. It is a little bit costly compared to other products, and it has more features compared to them. That is where the pricing seems more.

    What other advice do I have?

    I would rate it a nine out of ten. It is recommended for hybrid users, where the work-from-anywhere concept is followed. It is very useful for them to get complete visibility on the end-user and to secure their environment by bridging from outside.

    Deepak Nagar

    A fast and scalable solution that is secure and can be modified according to the customers’ requirements

    Reviewed on Jan 18, 2024
    Review provided by PeerSpot

    What is our primary use case?

    We use the solution to connect private applications in the data center or the SaaS applications on the cloud.

    What is most valuable?

    The solution is secure.

    What needs improvement?

    The connectivity could be faster. Sometimes, the issue is internal.

    For how long have I used the solution?

    I have been using the solution for two years.

    What do I think about the stability of the solution?

    The product is pretty stable. It has a set of compliance that it follows. It is flexible. We can modify it according to our requirements. I rate the stability a nine out of ten. Sometimes, there are issues with the internet and cloud connectivity.

    What do I think about the scalability of the solution?

    We have 500 users in our organization. The product is completely scalable. We can scale it up to 20,000 easily.

    How are customer service and support?

    We contact the support team two or three times a year if we need to change some configuration. The technical team is good. The team works on our requests according to the priority levels assigned. The team calls us quickly if we raise a P1 request.

    How was the initial setup?

    The tool is easy to deploy. We have to deploy the agent on the user’s machine. The agent takes 20 minutes to be installed. The tool is deployed in the data center. If the prerequisites are set up already, the product can be deployed in two or three hours.

    It is a cloud-based solution. We need two support engineers and one senior resource with more than seven years of experience in networking to deploy and maintain the tool. We need one product manager for coordination.

    What about the implementation team?

    The deployment can be done in-house.

    What was our ROI?

    The solution provides security. The users can access the application securely. The user experience is also good. The solution improves the latency and connectivity. When we connect through our legacy solution or VPN, we face delays. Zscaler is a fast solution.

    What's my experience with pricing, setup cost, and licensing?

    Price is not a problem. We prefer Zscaler because it is a secure product.

    Which other solutions did I evaluate?

    We also evaluated Forcepoint. We did a POC and demo of the solutions. We evaluated the products based on the use cases and their performance. Then, we chose Zscaler.

    What other advice do I have?

    Once the sales activity and upgrades were complete, we requested some licenses and started utilizing them. I will recommend the solution to others. Organizations must remove the bottlenecks and latency issues before converting from the legacy VPN connectivity to Zscaler. Otherwise, we will face some connectivity issues. Overall, I rate the tool a nine out of ten.

    View all reviews