Book Image

Zscaler Cloud Security Essentials

By : Ravi Devarasetty
Book Image

Zscaler Cloud Security Essentials

By: Ravi Devarasetty

Overview of this book

Many organizations are moving away from on-premises solutions to simplify administration and reduce expensive hardware upgrades. This book uses real-world examples of deployments to help you explore Zscaler, an information security platform that offers cloud-based security for both web traffic and private enterprise applications. You'll start by understanding how Zscaler was born in the cloud, how it evolved into a mature product, and how it continues to do so with the addition of sophisticated features that are necessary to stay ahead in today's corporate environment. The book then covers Zscaler Internet Access and Zscaler Private Access architectures in detail, before moving on to show you how to map future security requirements to ZIA features and transition your business applications to ZPA. As you make progress, you'll get to grips with all the essential features needed to architect a customized security solution and support it. Finally, you'll find out how to troubleshoot the newly implemented ZIA and ZPA solutions and make them work efficiently for your enterprise. By the end of this Zscaler book, you'll have developed the skills to design, deploy, implement, and support a customized Zscaler security solution.
Table of Contents (15 chapters)
1
Section 1: Zscaler for Modern Enterprise Internet Security
8
Section 2: Zero-Trust Network Access (ZTNA) for the Modern Enterprise

Evaluating user authentication options

We saw how end user internet traffic is forwarded to Zscaler in the previous sections. When creating a new location, we saw an option called Enforce Authentication, which can force the end user to authenticate. If an end user is not authenticated, the administrator has no option but to apply all the policies on a per-location basis. If the policies are applied on a per location basis, there is no visibility into user-level web activities. This choice does not fully leverage the granular policy application feature of ZIA.

Before we evaluate the available user authentication options, let's examine why enterprises usually require user authentication.

Benefits of user authentication

It is very common for end users to authenticate into any application to gain access. Consequently, their permissions are granted accordingly. Similarly, when users authenticate into ZIA, policies can be set on a granular level based on the user, user&apos...