Most people use Zscaler SASE as a replacement for VPNs. You know, with a VPN, once you establish connectivity to the network, you have unrestricted access. But with Zscaler SASE, you have strict access control. You don't get any access unless you adhere to the policies set in Zscaler. 

So, you can control who has access to specific applications at a URL level rather than granting access at the physical IP level. That's what most people appreciate about it. IPs provide access to everything on the machine, whereas Zscaler SASE provides access to specific services within the network. 

The most valuable feature is its ability to establish connectivity for remote users and remote endpoints. It offers a high level of granularity compared to typical VPNs, which also encapsulate a lot of I/O. By using Zscaler SASE for home access or access in remote areas, it bypasses the issues introduced by ISPs. 

Sometimes ISPs block certain protocols or applications, but when everything is encapsulated within the Zscaler Cloud, the ISPs don't get a chance to interfere or block. This is especially helpful when it comes to file sharing. Sometimes ISPs block it, so we can't share files using cloud services remotely. Zscaler SASE gives non on-premise users the ability to securely access and sync with on-premise resources.

The area that requires improvement is their support. The current support is lacking. 

Other than that, once you have the right people on the phone, the product performs as advertised. However, multiple clients have complained about the support. 

I have been working with Zscaler SASE for two years. 

When it comes to stability, it's similar to any outsourced service. There will always be some outages because of the global nature of the network and the involvement of various cloud providers. There are many moving parts. I don't anticipate more frequent outages, but it's important to acknowledge that Zscaler is not flawless.

I haven't encountered any clients who have had problems with scalability or performance issues. There were a couple of outages less than six months ago, but that's to be expected. Every service experiences occasional outages. It's like having allergies; every product at a global scale will have such issues. 

I have heard a lot of complaints from my clients about the support. Even VMware's support has declined since it got acquired by Broadcom. 

So, we're not receiving the kind of support we used to get, like from Cisco. It's more akin to Microsoft and internal support.

Neutral

The initial setup does take some time to get used to. Zscaler does a good job with its specialized services in setting up and installing the product. 

Once you start using the product, any issues that arise are generally handled well. The support is not as terrible as it may seem at first. While there may be instances where one technician transfers the case to another technician, it doesn't mean starting the entire process from scratch.

However, most people are deploying it on AWS or Azure. I have some clients who still prefer on-premises deployment. It depends on their specific requirements.

The pricing is quite high, especially when it comes to the gateway. It costs around $10,000 per gateway per data center, which can be seen as ridiculous. Other cloud-based solutions charge based on the number of clients without the need for a gateway for each data center. 

This pricing approach doesn't sit well with my clients anymore. When Zscaler SASE had a monopoly in the market, it could get away with it, but now there are alternatives cutting into its market share.

I would rate Zscaler's pricing model as an eight out of ten, with one being cheap and ten being expensive. 

There are other solutions like VMware that also have high costs, but Zscaler SASE stands out because of the expensive gateway for each data center. It's not a cheap implementation. 

Every time you set up an Azure data center, you have to spend another $10,000 to $15,000 on a gateway. It adds up quickly. Creating a VPN between data centers might be an alternative, but it introduces a single point of failure. So, that pricing policy alone makes it very expensive.

It's a great product. My advice for those considering using it is to understand the concept of zero access. It's different from just having VPN access. If someone can perform a DNS lookup, they still have access. 

People are often stuck in a VPN-centric mindset. It requires a paradigm shift, similar to transitioning from traditional applications to Microsoft applications. Instead of focusing on what services the user needs, it's about restricting access to specific applications regardless of the user. Once you embrace this mindset, it becomes easier to navigate. It's not a major impact, but it does require a change in thinking.

Overall, I would rate this product an eight out of ten, with the exception of pricing and support issues. It is one of the better implementations available, surpassing Cloudflare's capabilities. However, there are still areas for improvement, particularly in terms of pricing and support.

It pretty much covers, like, if you implement it, it's going to cover, like, 80 to 90% of real estate for the organization.

On DLP terms, Zscaler Cloud DLP ensures that data doesn't go outside of the organization. So on the network level, Zscaler does a pretty good job.

The solution doesn't do a very good job of detection, but they definitely do a very good job of implementing the policies.

There is room for improvement in detection. From the detection perspective, like, how it detects the violations.

Another area of improvement is implementation through non-client connectors. The solution can be implemented in two ways. One uses the back file; the other one uses client connectors. So the client connector is pretty fast, but when it comes to non-client connectors and procedures, it's kind of delayed and slow. The policies don't reflect very soon. It takes, like, a day and, like, hours to get implemented. But if it's a client connector, it takes, like, two minutes. It's just so good.

In future releases, I would like to see two things. It's not more of a feature but more like an enhancement. So I would like to see an enhancement in their proximity when detecting credit card details and past support details, and PII data.

Another area of improvement is support. 

I have been using this solution for around nine months. I use the latest version 6.2.

I would rate the stability an eight out of ten.

Scalability is pretty good. I would rate the scalability a nine out of ten. 

There is room for improvement in support. 

Neutral

The initial deployment is pretty easy. That's pretty straightforward.

We have definitely seen an ROI. 

The price is a little bit on the higher side, especially if you are going to add, like, packs or bundles to your subscription. But otherwise, it's pretty decent.

I would suggest to keep your policies simple. Don't complicate them because it depends on your organization and how you set it up. So once you are doing it, just keep it clean and simple.

Overall, I would rate the solution an eight out of ten. 

We are using it for monitoring the global areas, which Zscaler considers for people who are roaming around the system to have a secure connection to internal applications.

It has made things easier and more secure while connecting to the client's private applications.

The most valuable feature is the manageability of the micro tunnels.

There is improvement in enhancing proper manageability, policies, and logs. So, log management could be improved.

Moreover, I'd just like to see an improvement in stability.

I have been using this solution for six months. We use the latest version 6.1. 

I would rate the stability a seven out of ten. 

Scalability is good. 

The setup is straightforward, but it's a little more technical. Nevertheless, it's pretty straightforward.

We have it deployed on both cloud and on-premises.

We have definitely seen an ROI. 

Overall, I'll rate it at nine out of ten.

We manage multiple customers using ZIA and ZPA to access internal resources and secure their own web applications. It acts like a VPN access connectivity, and ZIA is used as an internet gateway for users.

Sandboxing, DLP, and SSL inspection engine are the most valuable features of Zscaler SASE. Zscaler SASE is an easy-to-use tool that manages the cloud security architecture.

Currently, we are using APIs, and we need some enhancement on the script running with the Zscaler SASE cloud API. Also, it would be better if we could integrate with other vendors. We often face performance and latency issues with Zscaler SASE.

I have been using Zscaler SASE for the last four years.

I rate Zscaler SASE a seven and a half out of ten for stability. We face performance issues if there is any anomaly on the nodes bonded with our architecture from some location. We also face some routing and latency issues on Zscaler SASE that need to be rectified. In addition, there are no dedicated Zscaler nodes in countries like China and Dubai.

I rate Zscaler SASE a six out of ten for scalability.

Zscaler SASE's deployment time depends upon your design, architecture, and infrastructure size. If you have a small network of offices, the deployment will take at least three to four days. But if you have a larger architecture, deployment time will depend upon your planning, staging, and implementation.

With Zscaler SASE, we can manage multiple features in a single platform. We can manage all allocations that we have in our architecture on a single platform. This reduces the operation cost and takes fewer resources to deploy because we have APIs in Zscaler SASE. API would be the simplest way to configure anything across our sites if we have a larger retail architecture.

ZPA is configured on our architecture, but ZIA's traffic goes to the Zscaler-hosted cloud.

Overall, I rate Zscaler SASE an eight out of ten.

We can use Zscaler Private Access as a recipient for external communication. Zscaler Private Access can help users sitting in our organization domain and trying to access their own internal company sources. The traffic is forwarded to us through the Zscaler Private Access node, which we can have in our own infrastructure, or it can be hosted on the Zscaler private cloud.

We are using Zscaler Private Access to build our own Zscaler private node. Although this node is maintained and managed by Zscaler, it resides in our own data center or domain. So the traffic forwarded from the user system towards any internal resource will go through this private node.

Zscaler Private Access is a platform that eliminates the complexity of VPN configuration. Zscaler Private Access is easy to configure and manage and takes less time to configure. We can manage our own application or secure our application and our own internal traffic. We can create a security node in our own infrastructure.

We are getting some issues with internet access. Authenticating or onboarding something on Zscaler Private Access manually is a troublesome task. Users report application access or latency issues with Zscaler Private Access.

I have been using Zscaler Private Access for the last two and a half years.

I rate Zscaler Private Access eight and a half out of ten for stability.

I rate Zscaler Private Access an eight out of ten for scalability.

Zscaler Private Access' initial setup is not as easy as ZIA, but it's okay compared to other platforms.

Zscaler Private Access will ease your task, equal to a VPN. Lots of companies are using their own VPN access.

Overall, I rate Zscaler Private Access an eight out of ten.