F5 BIG-IP software from Seattle-based F5 Networks is a load balancing and application protection solution suite available on cloud or via virtual editions, on a subscription or perpetual licensing basis. The BIG-IP suite of products supports a wide range of security and application performance needs. The suite includes BIG-IP Local Traffic Manager (LTM) traffic management and optimization, BIG-IP DNS, BIG-IP Access Policy Manager (APM) identity and password protection, BIG-IP Application…
N/A
Zscaler Internet Access
Score 8.8 out of 10
N/A
Zscaler Internet Access is delivered as a security stack as a service from the cloud, and is designed to eliminate the cost and complexity of traditional secure web gateway approaches, and provide easily scaled protection to all offices or users, regardless of location, and minimize network and appliance infrastructure.
The scale, performance, and configuration for various scenarios have already been mentioned. The versatility, reliability, etc., are dependable and well-known. Being the industry leader, it is almost a standard, and no one can get fired for recommending F5 compared to some of the new offerings, which are not battle-tested.
Zscaler Internet Access is an internet tunnel that pairs with the network adapter to secure traffic between servers and workstations. It can refresh policies automatically and log intrusions but does not broadcast intrusions. Cloud-based Zscaler Internet Access is easy to deploy and scale, with no hardware or software needed. In a hybrid model, Zscaler Internet Access performs some security functions on-premises and others in the cloud, allowing organizations to keep infrastructure. There is a slight learning curve from VPN and appliance architecture to this paradigm.
Zscaler completely moved away from the traditional firewall setup to a hosted firewall solution. We don't have to worry about the hardware failing or maintaining it as part of our service plan compared to our on-premise firewall. Zscaler has a lot of data centres across the world where they are maintaining their solutions so mobile consultants will always be close to one of their data centres.
Rolling out Zscaler solutions to our end customers' computers is actually pretty easy and hassle-free. As part of onboarding of new employees we can set up the Zscaler solution and push it to our end users' machines and get them connected to the cloud solutions.
Zscaler does proper market research on the latest emerging threats and they keep their firewall patched and updated to the latest versions so the security team does not have to worry about keeping the firewall updated.
I think the policy configuration that had some improvements on the ASM word things, improvements may be on the signatures that would be good because it's a little bit confusing on the ASL, how they are updated and deployed, and this staging. So that's something that could be.
Zscaler is a mandatory solution required by almost every large organization with a workforce working remotely or using cloud-based apps. Its deployment is relatively easy and it keeps on working in the background without actively bothering the user. Apart from a few weird messages which a user is unable to comprehend, Zscaler is able to provide fast and safe access to the internet and other external applications.
On the occasions when we've had to engage f5 support, they have been great. They have always resolved our issues quickly and been easy to work with and professional. The reason I give them a 10 out of 10, however, is because when we've had issues that have crossed over between the f5 BIG-IP, our Cisco switches, and our Microsoft IIS server the f5 support representatives have been extremely knowledgeable about every product and device involved and have been able to troubleshoot end-to-end without having to engage other vendors.
I cannot give a fair rating for this as I have not had to contact Zscaler support. There was one time we had to contact them because we needed to check if they were having issues on their end. Our ISP was actually the problem but support seemed very friendly.
So the cloud versions, and admittedly we did not do the Imperva on-prem solution. We only went with cloud. There's a lot of idiosyncrasies, like you can't use real IP addresses, you must snap. And that caused us problems with DNS and DNS routing. So we had to turn on some features with F5 that did remediate the issue, like using the one connect profiles, but that did cause some other problems identifying traffic and we had to make some eye roll changes to use the exported four headers.
Zscaler Intenet Access proved to be superior and the difference for us was the speed of policy delivery since your policy is applied in a web console and is effective in a matter of seconds. Another point to congratulate the solution is its compatibility with different platforms (macOS, Linux, Windows, Android, and iOS).