Zscaler Shift is also known as Zscaler Intelligent Routing for Guest Wi-Fi Protection.
Open Public Wi-Fi access to visitors, guests, customers, or employees is an expected part of running a business but which comes with security risks, risk of losing reputation if we fail to exercise reasonable controls to stop illegal or unwanted acts on our hotspots. Guest Wi-Fi management is complex. Guest wi-fi management solutions like Zscaler Shift offer protection of users along with simplified guest Wi-Fi management tasks.
Today we will look more in detail about Zscaler Shift which is designed for intelligent routing of guest Wi-Fi connections, we will understand how it works, its architecture advantages and user cases etc.
What is Zscaler Shift?
Zscaler Shift is an easy to use cloud service which provides carrier grade security and compliance in the organization network for Guest Wi-Fi protection. Shift intelligently routes all suspicious traffic to Zscaler cloud security platform for full inline inspection of content. It has several security features such as content filtering, threat security, Safe search, SSL inspection. It blocks malicious content using Advanced threat protection mechanisms such as Browser exploits, vulnerable ActiveX controls, malicious JavaScript and cross site scripting.
Configuration Features
Zscaler lets you configure key security features as explained below:
- Content filtering: Content Filtering is enabled to choose the level of filtering you want to enforce for your organization users. Can be chosen from six content filter types while configuring the policy.
- Threat security: if user requests a URL unknown to Zscaler shift or deemed suspicious as per threat score it will forward traffic to Zscaler service to perform full inline inspection of content for the domain by providing basic spyware and malware protection including advanced threats such as botnets, malicious active content, unauthorized communications and cross site scripting. Integrated file sandboxing analysis for all windows executable files and dynamic link libraries of traffic from URLs.
- Safe Search: blocks all inappropriate content or images from search engine results.
- SSL inspection: Shift can perform HTTPS decryption on any HTTPS site it deems suspicious as per threat score excluding Healthcare , finance and banking URL categories to protect user privacy.
- Domains in allow list and Deny list: each policy which you configure. Shift enables to select specific domains for allow list and deny list.
Zscaler Shift Architecture
Advantages of Zscaler Shift
- Automatic blocking of malicious and unauthorized sites, allows reputable or permissible sites and conducts deep analysis of suspicious sites to determine whether to allow or block them
- Offers malicious URL filtering , Antivirus/ antispyware , deep content inspection, and sandboxing / threat emulation
- Ease of deployment and management across multiple locations
- Policy management via a simple point and click interface
- Contents and site restriction which guest Wi-Fi is allowed to access
- Enable ‘safe reach’ feature to ensure browser results contain no offensive or inappropriate contents
- Network traffic automatic redirection to nearest Zscaler data center
- Deep content inspection is performed on sites to block active malicious content, browser exploits, vulnerable ActiveX controls , cross site scripting etc.
- Seamless inspection of SSL traffic without impacting performance.
Continue Reading:
Introduction to Zscaler DAS – Deployment Advisory Services
Zscaler Private Access (ZPA) Architecture
ABOUT THE AUTHOR
I am here to share my knowledge and experience in the field of networking with the goal being – “The more you share, the more you learn.”
I am a biotechnologist by qualification and a Network Enthusiast by interest. I developed interest in networking being in the company of a passionate Network Professional, my husband.
I am a strong believer of the fact that “learning is a constant process of discovering yourself.”
– Rashmi Bhardwaj (Author/Editor)
