Likelihood to Recommend We were wanting to prove the concept of a low touch process for quickly spinning up boilerplate AWS environments. We were able to get started quickly and to ensure that the AWS Well-Architected Framework principles were followed - at least upfront - however, we found that for our use case and expertise level it ultimately wasn't a fit. We have the skills on our team to manage more of this on our own. My recommendation would be contingent on what skills are already available on your team: if you can "do it yourself" you might as well so that you don't pay for resources you don't need and you have finer grain control over what's created.
Read full review Zscaler Internet Access is an internet tunnel that pairs with the network adapter to secure traffic between servers and workstations. It can refresh policies automatically and log intrusions but does not broadcast intrusions. Cloud-based Zscaler Internet Access is easy to deploy and scale, with no hardware or software needed. In a hybrid model, Zscaler Internet Access performs some security functions on-premises and others in the cloud, allowing organizations to keep infrastructure. There is a slight learning curve from VPN and appliance architecture to this paradigm.
Read full review Pros Easily create new AWS accounts. Easily secure and manage AWS accounts. Landing zone with SSO is a huge win for larger teams. Read full review Zscaler completely moved away from the traditional firewall setup to a hosted firewall solution. We don't have to worry about the hardware failing or maintaining it as part of our service plan compared to our on-premise firewall. Zscaler has a lot of data centres across the world where they are maintaining their solutions so mobile consultants will always be close to one of their data centres. Rolling out Zscaler solutions to our end customers' computers is actually pretty easy and hassle-free. As part of onboarding of new employees we can set up the Zscaler solution and push it to our end users' machines and get them connected to the cloud solutions. Zscaler does proper market research on the latest emerging threats and they keep their firewall patched and updated to the latest versions so the security team does not have to worry about keeping the firewall updated. Read full review Cons The AWS SSO GUI is not very intuitive and determining how to apply policies to users without creating redundant logins has been a challenge. The default guardrails do not fully encompass all the security checks that we needed. There does not appear to be any way to control roles at the IAM level from the control tower account through the GUI. Some features on AWS accounts still require logging into the individual account with the root user and cannot be done from AWS Control Tower. Read full review Chat or email support is not available. Only option is to either call them or raise a ticket by logging into their website. Pricing is not transparent and quote based. Access to websites is a little too slow with Zscaler monitoring on. Read full review Usability There is no way to easily close an AWS account whether it was created manually or via the AWS Control Tower. It takes too many steps to close it vs to provision a new AWS account
Read full review Zscaler is a mandatory solution required by almost every large organization with a workforce working remotely or using cloud-based apps. Its deployment is relatively easy and it keeps on working in the background without actively bothering the user. Apart from a few weird messages which a user is unable to comprehend, Zscaler is able to provide fast and safe access to the internet and other external applications.
Read full review Support Rating I cannot give a fair rating for this as I have not had to contact Zscaler support. There was one time we had to contact them because we needed to check if they were having issues on their end. Our ISP was actually the problem but support seemed very friendly.
Read full review Alternatives Considered Using
AWS Systems Manager and other slightly lower level components has been helpful for us to manage parts of our AWS presence at a more granular level than AWS Control Tower was designed for. It's not at all an apples-to-apples comparison as they solve different use cases, but for us, the use case associated with
AWS Systems Manager was a better fit for our specific needs and skillsets. We did not need everything that AWS Control Tower was doing for us.
Read full review Zscaler Intenet Access proved to be superior and the difference for us was the speed of policy delivery since your policy is applied in a web console and is effective in a matter of seconds. Another point to congratulate the solution is its compatibility with different platforms (macOS, Linux, Windows, Android, and iOS).
Read full review Return on Investment Less time manually deploying accounts which was error prone. Central logging allowed us to have 1 place to view logs. Read full review ROI is there and it is safeguarding the data and user access to net. Being a cloud based can be scaled up when required. Third parties can be allowed based on the company IT policies (Clients or Vendors etc.) for business perspective. Read full review ScreenShots