Zscaler- Secures internet access prevents breaches enable remote work and aid compliance.
Updated July 22, 2025
Zscaler- Secures internet access prevents breaches enable remote work and aid compliance.
Score 9 out of 10
Vetted Review
Verified User
Software Version
Business
Overall Satisfaction with Zscaler Internet Access
We generally used this for securing outbound internet traffic for our large workforce. It replaces legacy proxy server and provides advanced threat protection, web filtering, Data loss prevention (DLP), SSL inspection, and cloud firewall capabilities.
Pros
- Zero trust enforcement.
- Cloud-native simplicity and scalability.
- Strong threat protection and DLP.
- Eliminate VPN bottlenecks.
Cons
- Cost/licensing complexity.
- Latency/performance hiccups.
- SSL inspection complexity.
- Risk mitigation, reduced breach cost to 70%.
- Operational saving around 30-50% by cutting expenses on hardwares and MPLS.
- Zscaler's DLP and auditing help avoid fines from regulators. This is pure ROI.
While all offered robust security, Zscaler Internet Access (ZIA) stood out for three key reasons:
1. Cloud-Native Architecture & Performance: ZIA’s true multi-tenant cloud scales dynamically without hardware constraints. Competitors like Palo Alto required complex hybrid deployments, while ZIA delivered lower latency and consistent global coverage—critical for our distributed workforce.
1. Cloud-Native Architecture & Performance: ZIA’s true multi-tenant cloud scales dynamically without hardware constraints. Competitors like Palo Alto required complex hybrid deployments, while ZIA delivered lower latency and consistent global coverage—critical for our distributed workforce.
2. SSL Inspection at Scale: ZIA decrypted and inspected 100% of TLS/SSL traffic without performance penalties. Alternatives either struggled with scalability (Cisco) or added management overhead (Netskope) for similar depth of inspection.
3. Unified Admin Experience & Support: The centralized policy dashboard reduced configuration time by ~40% compared to Palo Alto’s fragmented modules. Combined with Zscaler’s exceptional support (which resolved critical bugs proactively), this minimized operational overhead—aligning with our 10/10 support rating.
Do you think Zscaler Internet Access delivers good value for the price?
Yes
Are you happy with Zscaler Internet Access's feature set?
Yes
Did Zscaler Internet Access live up to sales and marketing promises?
Yes
Did implementation of Zscaler Internet Access go as expected?
Yes
Would you buy Zscaler Internet Access again?
Yes
Zscaler Internet Access Feature Ratings
Using Zscaler Internet Access
80000 - Approximately 80,000+ users across ICICI Bank leverage Zscaler Internet Access daily, spanning:
1. Employee Access: Hybrid staff (including 40% BYOD), contact centers, and branch operations.
2. Digital Banking Systems: Automated traffic from customer-facing platforms (mobile app, net banking, API gateways for UPI/IMPS).
3. Third Parties: Vendor/partner access to secured development and testing environments.
They represent various business functions including Retail Banking, Digital Channels, Operations & IT, Treasury & Markets, and Compliance/Risk etc.
1. Employee Access: Hybrid staff (including 40% BYOD), contact centers, and branch operations.
2. Digital Banking Systems: Automated traffic from customer-facing platforms (mobile app, net banking, API gateways for UPI/IMPS).
3. Third Parties: Vendor/partner access to secured development and testing environments.
They represent various business functions including Retail Banking, Digital Channels, Operations & IT, Treasury & Markets, and Compliance/Risk etc.
10 - In-House Support Headcount: Approximately 10 dedicated FTEs manage Zscaler Internet Access (ZIA) daily at ICICI Bank, supplemented by our 24/7 SOC/NOC teams.
This includes:
4-Infrastructure/Security Engineers (L3 support, policy tuning, RCA).
2-Cloud Network Architects (Zscaler Private Access/ZPA integration, scalability).
3-Security Analysts (threat hunting, DLP, SSL inspection oversight).
1-Vendor Liaison Manager (escalations, feature requests).
This includes:
4-Infrastructure/Security Engineers (L3 support, policy tuning, RCA).
2-Cloud Network Architects (Zscaler Private Access/ZPA integration, scalability).
3-Security Analysts (threat hunting, DLP, SSL inspection oversight).
1-Vendor Liaison Manager (escalations, feature requests).
- RBI Compliance & Encrypted Traffic Inspection
- Secure Digital Banking (UPI/iMobile/API Protection)
- Zero-Trust Workforce Access for Hybrid Operations
- Third-Party Vendor Risk Mitigation
- Cloud Workload & Data Center Security
- Real-Time UPI Fraud Mitigation Engine
- API Banking Zero-Trust Microsegmentation
- Branch-in-a-Box Secure Deployment
- ATM/IoT Traffic Anomaly Detection
- Digital Banking SLA Enforcement
- AI-Driven RBI Compliance Automation
- GenAI-Powered Banking Chatbot Security
- IoT/OT Security for Smart Branches & ATMs
- DeFi & Blockchain API Threat Protection
- Mergers & Acquisition (M&A) Security Onboarding
Evaluating Zscaler Internet Access and Competitors
Yes -
Key limitations driving replacement:
I think we replaced them (Sophos/McAfee Focus) for following reasons:
Key limitations driving replacement:
1. Sophos SG UTM:
Failed RBI’s 2023 encrypted traffic inspection mandates due to TLS 1.3 gaps and limited cloud scale.
Failed RBI’s 2023 encrypted traffic inspection mandates due to TLS 1.3 gaps and limited cloud scale.
Manual policy management caused 40% longer change cycles for new banking apps (e.g., iMobile features).
2. McAfee Web Gateway:
Appliance sprawl increased costs (30% higher TCO vs. ZIA) and created single points of failure during UPI peaks.
Lacked real-time threat intelligence integration, delaying response to phishing campaigns targeting IMPS/UPI.
3. Common Legacy Flaws:
No native cloud scalability for sudden traffic surges (e.g., demonetization-like events).
Inability to enforce consistent policies for hybrid work – critical post-RBI remote banking guidelines.
Fragmented visibility across mobile banking, APIs, and on-prem cores (Finacle/Oracle).
ZIA resolved these by delivering:
100% TLS inspection (RBI compliance)
Unified cloud architecture (50% lower latency vs. McAfee/Sophos)
Auto-scaling for UPI/IMPS transaction bursts
API-driven policies enabling agile launches (e.g., Niyo integrations).
- Cloud Solutions
Cloud Solutions as the Deciding Factor: The cloud-native architecture of Zscaler Internet Access (ZIA) was the single most critical factor in our decision. As a bank handling 10M+ daily UPI transactions, we needed a solution that could:
Replace legacy appliances (Sophos/McAfee/Cisco) struggling with RBI’s TLS 1.3 inspection mandates.
Replace legacy appliances (Sophos/McAfee/Cisco) struggling with RBI’s TLS 1.3 inspection mandates.
Scale elastically during traffic surges (e.g., 5X load during Diwali/UPI festivals) without hardware bottlenecks.
Enable zero-trust access for 80,000+ hybrid employees – a non-negotiable post-RBI remote work guidelines.
ZIA’s globally distributed cloud (150+ POPs) provided 100% SSL inspection at line speed, reduced latency for mobile banking apps, and cut TCO by 40% versus on-prem alternatives. Without this cloud foundation, our digital banking resilience (e.g., iMobile, instabiz) would be compromised.
If revisiting our selection, we’d enhance three key areas to further de-risk and optimize outcomes:
1. Real-World Transaction Simulation Testing:
We’d simulate peak UPI/IMPS volumes (e.g., 15K TPS) during vendor PoCs, measuring ZIA’s SSL inspection impact on end-customer latency for iMobile/instaBiz. While ZIA passed this in production, upfront testing would validate scalability claims versus rivals like Netskope.
2. RBI Compliance Deep-Dive:
Mandate third-party audits of TLS 1.3/QUIC inspection capabilities against RBI’s 2023 guidelines. ZIA excelled here, but formal validation would accelerate legal/risk sign-offs.
3. Hybrid Work Cost Modeling:
Quantify appliance decommissioning savings (power/cooling/FTE) earlier. We saved 40% TCO migrating from McAfee/Sophos, but granular forecasting would’ve strengthened stakeholder buy-in.
4. API Integration Sprint:
Require vendors to demo real-time policy sync with our core banking stack (Finacle/SAP) in <48 hours. ZIA’s APIs enabled this, but stress-testing integrations pre-selection prevents post-deploy surprises.
Zscaler Internet Access Support
| Pros | Cons |
|---|---|
Quick Resolution Good followup Knowledgeable team Problems get solved Kept well informed No escalation required Immediate help available Support understands my problem Support cares about my success Quick Initial Response | None |
No, because the standard support included with Zscaler Internet Access has consistently exceeded my expectations (rated 10/10). It fully met our needs, making premium support unnecessary and not required for now.
Yes - Yes, I reported a bug. Zscaler support engaged promptly, investigated thoroughly, and implemented a resolution efficiently, aligning with my positive experience.
When I reported a critical bug causing intermittent connectivity disruptions, Zscaler support responded immediately. Their team worked around the clock, provided clear updates, and delivered a permanent fix within an aggressive timeframe, minimizing our downtime significantly. This proactive and dedicated approach was exceptional.
Comments
Please log in to join the conversation