IT Security & Network Security News & Reviews: Zscaler Offers Secure Web Gateway as a Service

 
 
By Matthew Sarrel  |  Posted 2010-08-06
 
 
 

Zscaler Offers Secure Web Gateway as a Service

by Matt Sarrel

Zscaler Offers Secure Web Gateway as a Service

Dashboard

The Zscaler Dashboard greets me after I log in to the administration portal. Traffic amounts overall, traffic by time, traffic by location, traffic by department, and threat information is shown. This screen can be customized. The Favorites drop down in the middle holds my favored reports. Within 5 minutes of logging in I know whats going on.

Dashboard

Data Loss Prevention

I configured Zscaler to watch out for transmission of social security numbers. Then I had a test user attempt to send a Facebook message containing a SSN. Zscaler correctly identified the data leakage condition, alerted me, and logged the incident.

Data Loss Prevention

Reporting

Reports are a strong suit of Zscaler. I can quickly find threats and how they attempted to enter my testbed.

Reporting

URL by Class

Reporting allowed me to quickly see the types of sites accessed by my test users.

URL by Class

Blocked Virus

This not only illustrates that the eicar test virus was blocked, you can also see I was able to customize the notification screen with a logo, contact info, and custom text.

Blocked Virus

Bandwidth Control

A fascinating feature is the ability to define policies for bandwidth control by application class. Here, "web conferencing" is given full bandwidth but "media/streaming" is limited to 50%.

Bandwidth Control

Streaming Media

Further drilling down into managing the application class "streaming media", I could set a specific site, in this case last.fm, to be exempt from the rules.

Streaming Media

Configuration Reminder

A strong positive feature is the warning that is clearly shown reminding administrators to save and activate changes.

Configuration Reminder

Getting Started

The Getting Started panel walked me through configuring Zscaler security services in about 1.5 hours. I could have done it faster but I wanted to explore and read everything.

Getting Started

First Run

The first time I logged into zscaler I got an eyeful of unpopulated dashboard. I clicked Getting Started in the top right corner and got right to configuration.

First Run

Password Controls

I was delighted to see that Zscaler insists on new strong passwords when the admin account is activated.

Password Controls

Email Security

Email security reporting is as straightforward and powerful as Web security reporting. I enjoyed watching the legitimate e-mail vs. spam race over a 24-hour period for my domain. They started off neck and neck, but after business hours the volume of spam tripled.

Email Security

Spam Report

An extremely helpful feature is the ability to double-click on the spam slice of the pie chart shown in the previous screen shot and have it open up a listing of all spam e-mail. This can be exported to CSV for deeper analysis.

Spam Report

Rocket Fuel