A review from an organisation with both on-prem and remote workforce.
May 06, 2022
A review from an organisation with both on-prem and remote workforce.
Score 6 out of 10
Vetted Review
Verified User
Software Version
Business
Overall Satisfaction with Zscaler Internet Access
Our office has a hybrid working environment with corporate employees working out of the corporate office and then the remote consultants. We use Zscaler as our firewall for our hosted solutions on Azure and AWS. We are also maintaining a Fortinet NGFW on-premise for our corporate staff. Zscaler is primarily tasked with protecting our hosted solutions on the cloud. We also route some outbound traffic from our corporate office via Zscaler to the internet. The primary reason we bought Zscaler is to allow remote consultants to connect into our secure services hosted online.
Pros
- Zscaler completely moved away from the traditional firewall setup to a hosted firewall solution. We don't have to worry about the hardware failing or maintaining it as part of our service plan compared to our on-premise firewall. Zscaler has a lot of data centres across the world where they are maintaining their solutions so mobile consultants will always be close to one of their data centres.
- Rolling out Zscaler solutions to our end customers' computers is actually pretty easy and hassle-free. As part of onboarding of new employees we can set up the Zscaler solution and push it to our end users' machines and get them connected to the cloud solutions.
- Zscaler does proper market research on the latest emerging threats and they keep their firewall patched and updated to the latest versions so the security team does not have to worry about keeping the firewall updated.
Cons
- My personal opinion about Zscaler is their idea is that all the services are online and are moving to the cloud but the truth is some of them have to stay on-premise and employees still need to work from an office. Zscaler simply doesn't have any on-premise solutions like an NGFW to provide a complete package. We are supporting Fortinet NGFW for our on-premise solution.
- As mentioned earlier Zscaler being hosted online we don't get the full flexibility of managing our firewalls. Although it's a good thing we keep running into problems like when we want to allow list a service from a specific source IP Zscaler cannot provide a static IP for that. They route traffic through multiple IP addresses and the IP's keep changing every 15-20 minutes. So you cannot allow list a specific IP on the receiving end. The only way to move forward would be to allow an entire range of IP's which opens a security loophole on the receiving end.
- For every small thing we have to keep opening a ticket with Zscaler. Their response rate is fast but still in a fast-moving world it's not fast enough. Especially since we need to get approval from our change control to get something done and then again we have to raise a ticket to get something done from the Zscaler side.
- Zscaler lets our consultants connect to our services like service now or SharePoint securely.
- Zscaler maintains our internet gateway sort to speak so that we don't have to pay our telecom provider for MPLS lines or separate static IP's on-premise. Without a solution like Zscaler we would still be hosting some services on-prem and have to engage with our ISP to maintain lease lines or static IPs.
- Zscaler internet access works well with our on-premise SIEM solution (Splunk) and sends really robust logs which we can ingest for further analysis if needed.
- We cancelled our lease line contract and our static IP contract from our ISP which is a key win for us.
- We can make sure that our users are connecting to our share drive securely even if they are on the road which is also a key win.
- The negative side with Zscaler is we cant choose our internet gateway IP address as its managed by Zscaler.
- Another negative side is Zscaler is not a complete package for us as we maintain our on-premise firewall (Fortinet) along with Zscaler.
Fortinet's hosted solution is not really supported in my opinion. Opening a ticket for hosted firewall is a pain and even during the POC phase we had to work with engineers who really didn't understand our use case and we were not really happy with the way they presented the solution.
Do you think Zscaler Internet Access delivers good value for the price?
Yes
Are you happy with Zscaler Internet Access's feature set?
No
Did Zscaler Internet Access live up to sales and marketing promises?
Yes
Did implementation of Zscaler Internet Access go as expected?
No
Would you buy Zscaler Internet Access again?
Yes
Comments
Please log in to join the conversation