Zscaler Cloud Security Essentials: Discover how to securely embrace cloud efficiency, intelligence, and agility with Zscaler
Scribed by Ravi Devarasetty
- Publisher
- Packt Publishing
- Year
- 2021
- Tongue
- English
- Leaves
- 236
- Category
- Library
Synopsis
Harness the capabilities of Zscaler to deliver a secure, cloud-based, scalable web proxy and provide a zero-trust network access solution for private enterprise application access to end users
Key Features
- Get up to speed with Zscaler without the need for expensive training
- Implement Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) security solutions with real-world deployments
- Find out how to choose the right options and features to architect a customized solution with Zscaler
Book Description
Many organizations are moving away from on-premises solutions to simplify administration and reduce expensive hardware upgrades. This book uses real-world examples of deployments to help you explore Zscaler, an information security platform that offers cloud-based security for both web traffic and private enterprise applications.
You'll start by understanding how Zscaler was born in the cloud, how it evolved into a mature product, and how it continues to do so with the addition of sophisticated features that are necessary to stay ahead in today's corporate environment. The book then covers Zscaler Internet Access and Zscaler Private Access architectures in detail, before moving on to show you how to map future security requirements to ZIA features and transition your business applications to ZPA. As you make progress, you'll get to grips with all the essential features needed to architect a customized security solution and support it. Finally, you'll find out how to troubleshoot the newly implemented ZIA and ZPA solutions and make them work efficiently for your enterprise.
By the end of this Zscaler book, you'll have developed the skills to design, deploy, implement, and support a customized Zscaler security solution.
What you will learn
- Understand the need for Zscaler in the modern enterprise
- Study the fundamental architecture of the Zscaler cloud
- Get to grips with the essential features of ZIA and ZPA
- Find out how to architect a Zscaler solution
- Discover best practices for deploying and implementing Zscaler solutions
- Familiarize yourself with the tasks involved in the operational maintenance of the Zscaler solution
Who this book is for
This book is for security engineers, security architects, security managers, and security operations specialists who may be involved in transitioning to or from Zscaler or want to learn about deployment, implementation, and support of a Zscaler solution. Anyone looking to step into the ever-expanding world of zero-trust network access using the Zscaler solution will also find this book useful.
Table of Contents
- Security for the Modern Enterprise with Zscaler
- Understanding the modular Zscaler Architecture
- Delving into ZIA Policy Features
- Understanding Traffic Forwarding and User Authentication Options
- Architecting and Implementing Your ZIA solution
- Troubleshooting and Optimizing your ZIA solution
- Introducing ZTNA with Zscaler Private Access (ZPA)
- Using ZPA to provide secure application access
- Transitioning your business applications to ZPA
- Architecting and Implementing your ZPA solution
Table of Contents
Cover
Title page
Copyright and Credits
Dedication
Contributors
Table of Contents
Preface
Section 1: Zscaler for Modern Enterprise Internet Security
Chapter 1: Security for the Modern Enterprise with Zscaler
Fundamental definitions in security
Active Directory
Authentication
Bad actors
Bandwidth
Certificate
DLP
DNS
Firewall
FTP
Identity Provider
Intrusion Prevention System
Kerberos
Logging
Malware
PAC file
SAML
Sandbox
Secure Web Gateway
Secure Sockets Layer/Transport Layer Security
Surrogate IP
Tunnel
VPN
XFF
Understanding the evolution of the modern enterprise and its workforce
Evolution of the workforce
Enterprise infrastructure evolution
Exploring the need for scalable, cloud-based security
Workforce evolution requirements
Enterprise preferences
Scalable, highly available, cloud-based solutions
Internet security for everyone
Using Zscaler Internet Access for a safe and secure internet experience
Why safe internet?
How ZIA works
Using Zscaler Private Access for secure application access
What is Private Access?
How ZPA works
ZCC
Summary
Questions
Chapter 2: Understanding the Modular Zscaler Architecture
Introducing the Zscaler cloud architecture
SSMA
High availability and redundancy
Understanding the CA – where the core resides
Admin Portal
Using Zscaler PSEs – where the policies are applied and enforced
SSL inspection
Virtual Service Edge (formerly called Virtual ZEN or VZEN)
Monitoring user and application activity using Nanolog clusters
Nanolog Streaming Service (NSS)
Protecting enterprise users and infrastructure with Sandbox
Understanding the need for a sandbox
Cloud Sandbox configuration options
Summary
Questions
Further reading
Chapter 3: Delving into ZIA Policy Features
Technical requirements
Understanding the ZIA Web policy
Security
Access Control
DLP
Exploring the ZIA Mobile policy
Zscaler Client Connector Configuration
Zscaler Mobile Security
Zscaler Mobile Access Control
Learning about the ZIA Firewall policy
Firewall Control
NAT Control Policy
DNS Control
FTP Control
IPS Control
Order of policy enforcement
Summary
Questions
Further reading
Chapter 4: Understanding Traffic Forwarding and User Authentication Options
Technical requirements
Understanding traffic forwarding
GRE tunnel forwarding
IPsec tunnel forwarding
Creating GRE or IPsec locations
PAC file forwarding
Exploring ZCC internet traffic forwarding
ZCC internet access forwarding scenarios
ZCC internet access forwarding options
ZCC silent authentication
ZCC ZIA process flow
Evaluating user authentication options
Benefits of user authentication
Surrogate IP
User provisioning
User authentication process flow
User authentication options
Summary
Questions
Further reading
Chapter 5: Architecting and Implementing Your ZIA Solution
Analyzing the security posture of the enterprise
Zscaler question set
Creating a customized ZIA solution for the enterprise
Traffic forwarding
User authentication
Policy
Implementing the ZIA solution across the enterprise
Planning
Configuration
Pilot rollout
Production rollout
Summary
Questions
Further reading
Chapter 6: Troubleshooting and Optimizing Your ZIA Solution
Technical requirements
Setting up proactive ticketing and alerts
ZIA alerts
ZIA ticketing
Producing reports for management review
System-defined reports
Insights
Generating custom widgets for the ZIA Dashboard
Editing current widgets
Adding new widgets
Creating a unified ZIA troubleshooting guide
Basic troubleshooting
Advanced troubleshooting
End users are unable to access websites
End users get a Website Blocked error
The ZCC App displays a Captive Portal Fail Open Error message
The ZCC App shows a Network Error message
The ZCC App displays an Internal Error message
The ZCC App exhibits a Connection Error message
The ZCC App has a Local FW/AV Error message
The ZCC App shows a Driver Error message
User authentication errors
Users are unable to upload or download files
Slow website response
URL formatting
Application SSL inspection
Application authentication
Summary
Questions
Further reading
Section 2: Zero-Trust Network Access (ZTNA) for the Modern Enterprise
Chapter 7: Introducing ZTNA with Zscaler Private Access (ZPA)
What is ZTNA and how does ZPA fit in to this?
ZTNA core principles
Why is ZTNA needed?
ZPA security principles
Delving into the ZPA architecture
ZPA CA
ZPA PSEs
ZCC application
App Connectors
Z tunnels
Microtunnels
Logging and analytics cluster
LSS
Exploring clientless ZPA solutions
Understanding the Zscaler Cloud Connector ZPA solution
Delving into the BA ZPA solution
Questions
Further reading
Chapter 8: Exploring the ZPA Admin Portal and Basic Configuration
Navigating around the ZPA Admin Portal
ZPA dashboards
ZPA administration
Configuring the ZPA log servers for activity insights
Integrating with Azure AD and Okta for SSO
Adding an IdP
Configuring the ZCC app for ZPA
ZCC app installation
ZCC app enrollment and authentication
ZPA application access
Device posture control
ZPA process flow
Summary
Questions
Further reading
Chapter 9: Using ZPA to Provide Secure Application Access
Deploying App Connectors
Connector requirements
Installing the connector
Connector updates
Connector provisioning
Configuring ZPA applications
DNS search domains
Adding an application segment
Configure SAML attributes
Configuring end user access policies
Application health monitoring
Exploring the best practices for enterprise deployments
App Connectors
Certificates
Authentication
ZCC app
Application
Monitoring
Log streaming service
Summary
Questions
Further reading
Chapter 10: Architecting and Troubleshooting Your ZPA Solution
Architecting your ZPA solution
Stepping through the ZPA Question Set
Inventory of existing applications
Discovering end user access
Pilot rollout
Expanded rollout
Final rollout
Troubleshooting your ZPA solution
Unable to access a service due to a captive portal error
Unable to access a service due to a network error
Unable to access a service due to an internal error
Unable to access a service due to a connection error
Unable to access a service due to a local FW/AV error
Unable to access a service due to a driver error
Unable to access a private application/service due to an unauthenticated error
Unable to access a private application/service
Unable to access any application/service
Unable to authenticate due to a SAML transit error
Unable to authenticate due to a SAML account error
Unable to authenticate due to a SAML format error
Summary
Questions
Further reading
Assessments
Chapter 1 – Security for the Modern Enterprise with Zscaler
Chapter 2 – Understanding the Modular Zscaler Architecture
Chapter 3 – Delving into ZIA Policy Features
Chapter 4 – Understanding Traffic Forwarding and User Authentication Options
Chapter 5 – Architecting and Implementing Your ZIA Solution
Chapter 6 – Troubleshooting and Optimizing Your ZIA Solution
Chapter 7 – Introducing ZTNA with Zscaler Private Access (ZPA)
Chapter 8 – Exploring the ZPA Admin Portal and Basic Configuration
Chapter 9 – Using ZPA to Provide Secure Application Access
Chapter 10 – Architecting and Troubleshooting Your ZPA Solution
Why subscribe?
About Packt
Other Books You May Enjoy
Index