Deployment

Following the 3 steps below, we can evaluate your current security posture, forward traffic to the Zscaler service, and have applicable policies secure and restrict access to the Internet.

We will deploy a lightweight agent, the Zscaler App, to an end-user macOS or Windows device.  Once authenticated with Zscaler, all HTTP and HTTPS to the public Internet will go through the Zscaler Internet Access platform.

1  Analyze your security posture

Before deploying Zscaler, we can quickly analyze the effectiveness of your current solution with stopping threats, protecting your users and safeguarding your company's intellectual property.

Run security preview

2  Send traffic through Zscaler

Supporting Windows, macOS, iOS, and Android, Zscaler App works with Zscaler Internet Access to deliver our security platform from the cloud, so users globally get in-depth, always-on protection.

WINDOWSmacos

3  Authenticate with Zscaler

Referencing the email sent to by your Zscaler Sales Engineer, login to the Zscaler App using either the Executive, Sales, or Contractor accounts. The differences between these account types  is discussed in User Experience.

What we're doing

1  Security Preview

Zscaler Security Preview runs a series of browser-based tests to quickly check for vulnerabilities in your current Internet security infrastructure. Twelve of these tests are focused on security threats, and three of them are focused on data protection. Note that Security Preview runs in your browser, won’t access any data, and won’t introduce malware or change any settings. You may see alerts in your security system.

We'll come back to Security Preview during the User Experience phase, allowing us to compare results both with and without the Zscaler service in place.

2  Zscaler App

The Zscaler App forwards all HTTP and HTTPs traffic from a user device to the nearest Zscaler cloud datacenter. Additionally, the Zscaler App automatically installs the root SSL certificate which gives Zscaler the ability to inspect HTTPS traffic.

In a production deployment the Zscaler App can be deployed centrally and be enforced to prevent users from disabling or uninstalling the service.

The Zscaler App is only one of several deployment methods Zscaler has available. Customers may deploy with any combination of GRE and IPsec VPN tunnels, the Zscaler App, and PAC files, depending on their requirements and user deployment.

3  Authenticate with Zscaler

We sent you an email which contains several login credentials. For the purposes of testing we can use the executive, sales, or contractor logins. Once logged into the Zscaler App, all HTTP and HTTPS traffic from the user device will be identified for policy application and reporting as the logged-in user.