Armadillo Managed Services

Zscaler

Zscaler Web Security protects your enterprise from cyber threats, stops intellectual property leaks, and ensures compliance with corporate content and access policies. It monitors your network and user activity, secures roaming users and mobile devices, and manages all of this globally from a single management console.

Features

  • Secure Web Gateway
  • Cloud Based Internet Gateway
  • Next Generation Firewall
  • DLP
  • APT - Cloud Sandboxing
  • Wifi Security
  • VPN
  • DNS
  • Load Balancing

Benefits

  • Stop zero day malware infections
  • Protects all internet traffic for all users on all devices
  • SSL Inspection stops threats, data leaks in encrypted traffic
  • Visibility into Internet usage by user, location, and application
  • Instantaneous, cloud-wide updates
  • Full Remote Location Protection
  • Operating expenses reduced with no appliance boxes to administer
  • Protect against Data Exfiltration - DLP
  • Compliance Enforcement
  • In-depth reporting, security analytics and investigative capabilities in centralised console

Pricing

£33 per user per year

  • Free trial available

Service documents

G-Cloud 10

399815934876974

Armadillo Managed Services

John Webster

02080888222

gcloud@wearearmadillo.com

Service scope

Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to Zscaler has an extensive list of service options and integrations that can be found on the Zscaler website. https://www.zscaler.com/
Cloud deployment model Public cloud
Service constraints N/A
System requirements Appropriate Licensing and access for integration entities.

User support

Email or online ticketing support Email or online ticketing
Support response times 1 Hour response time maximum 24x7x365
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels 24x7x365 Service Desk 1 Hour Response Time. SLAs and Escalation processes and procedures
Support available to third parties Yes

Onboarding and offboarding

Getting started Online Training and User Documentation
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Support Request
End-of-contract process Service is terminated, client responsible for migrating away from service. Data is not retained.

Using the service

Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The Zscaler web portal is browser based for both types of devices, so the only differences will be between the device display properties. The Zscaler mobile application is available at no extra cost.
Accessibility standards None or don’t know
Description of accessibility Unknown
Accessibility testing Unknown
API Yes
What users can and can't do using the API REST
API documentation Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment No
Customisation available Yes
Description of customisation Branded

Scaling

Independence of resources Zscaler cloud scales elastically with near-zero latency and downtime

Analytics

Service usage metrics Yes
Metrics types Visibility into Internet usage by user, location, and application. Granular web app access policies across users, devices and locations. In-depth reporting, security analytics and investigative capabilities in centralised console
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports

Resellers

Supplier type Reseller providing extra support
Organisation whose services are being resold Zscaler

Staff security

Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Other
Other data at rest protection approach For production cloud systems this is not required. Administrative access is protected using several layers of security. The cloud is only accessible through jump systems located inside Zscaler’s private VPN. Access to the restricted jump systems requires multi-factor authentication. Each node is protected by a built-in firewall and administrative traffic is protected by 3DES, AES 128 or AES 256 encryption. Once VPN access has been granted, administrators are authenticated with a user name and password, and an individual certificate (public key authentication)
Data sanitisation process No
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v3.0, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach Zscaler does not hold any customer data - only transaction logs. Transaction logs can be exported by a customer through the user interface at any time
Data export formats CSV
Data import formats Other
Other data import formats
  • Active Directory connection
  • Open LDAP

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability Zscaler is ISO27001-certified and provides a 99.999% availability SLA, with additional SLAs on latency and virus capture too. This level of performance is prohibitively expensive to try to offer yourself with security appliances.
Approach to resilience World’s largest global security cloud with 100+ datacenters and near-zero latency
Outage reporting Public Dashboard

Identity and authentication

User authentication needed Yes
User authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
Other user authentication Zscaler Authentication Bridge.
Access restrictions in management interfaces and support channels Access to support channels is only granted to administrative users and security check is carried out when a user raises a support ticket. Management interfaces are also locked down to administrative users.
Access restriction testing frequency At least every 6 months
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other

Audit information for users

Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for At least 12 months

Standards and certifications

ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 BrightLine, a US ANAB accredited certification body
ISO/IEC 27001 accreditation date 29/07/2016
What the ISO/IEC 27001 doesn’t cover The scope of the ISO/IEC 27001:2013 certificate is limited to the information security management system (ISMS) supporting the Zscaler cloud operations for its Cloud Security platform (including operations employees and network operations center) located at Zscaler’s headquarters in San Jose, California, in accordance with the Statement of Applicability, version 2.0, dated June 22, 2016.
ISO 28000:2007 certification No
CSA STAR certification Yes
CSA STAR accreditation date 07/01/2015
CSA STAR certification level Level 1: CSA STAR Self-Assessment
What the CSA STAR doesn’t cover Unknown
PCI certification No
Other security certifications No

Security governance

Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards
  • CSA CCM version 3.0
  • ISO/IEC 27001
Information security policies and processes Zscaler offers strong password management capabilities, account management capabilities, and encrypted attributes. Zscaler conforms to ISO 27001 governing physical and network security architecture, and reliability.

Operational security

Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Independent Validation ISO 27001
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Independent Validation ISO 27001
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Independent Validation ISO 27001
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Independent Validation ISO 27001

Secure development

Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks No

Pricing

Price £33 per user per year
Discount for educational organisations No
Free trial available Yes
Description of free trial Full service. Time limited - typically 30 days

Documents

Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document