Zscaler Shift is also known as Zscaler Intelligent Routing for Guest Wi-Fi Protection.
Open Public Wi-Fi access to visitors, guests, customers, or employees is an expected part of running a business but which comes with security risks, risk of losing reputation if we fail to exercise reasonable controls to stop illegal or unwanted acts on our hotspots. Guest Wi-Fi management is complex. Guest wi-fi management solutions like Zscaler Shift offer protection of users along with simplified guest Wi-Fi management tasks.
Today we will look more in detail about Zscaler Shift which is designed for intelligent routing of guest Wi-Fi connections, we will understand how it works, its architecture advantages and user cases etc.
What is Zscaler Shift?
Zscaler lets you configure key security features as explained below:
- Content filtering: Content Filtering is enabled to choose the level of filtering you want to enforce for your organization users. Can be chosen from six content filter types while configuring the policy.
- Threat security: if user requests a URL unknown to Zscaler shift or deemed suspicious as per threat score it will forward traffic to Zscaler service to perform full inline inspection of content for the domain by providing basic spyware and malware protection including advanced threats such as botnets, malicious active content, unauthorized communications and cross site scripting. Integrated file sandboxing analysis for all windows executable files and dynamic link libraries of traffic from URLs.
- Safe Search: blocks all inappropriate content or images from search engine results.
- SSL inspection: Shift can perform HTTPS decryption on any HTTPS site it deems suspicious as per threat score excluding Healthcare , finance and banking URL categories to protect user privacy.
- Domains in allow list and Deny list: each policy which you configure. Shift enables to select specific domains for allow list and deny list.
Zscaler Shift Architecture
Advantages of Zscaler Shift
- Automatic blocking of malicious and unauthorized sites, allows reputable or permissible sites and conducts deep analysis of suspicious sites to determine whether to allow or block them
- Offers malicious URL filtering , Antivirus/ antispyware , deep content inspection, and sandboxing / threat emulation
- Ease of deployment and management across multiple locations
- Policy management via a simple point and click interface
- Contents and site restriction which guest Wi-Fi is allowed to access
- Enable ‘safe reach’ feature to ensure browser results contain no offensive or inappropriate contents
- Network traffic automatic redirection to nearest Zscaler data center
- Deep content inspection is performed on sites to block active malicious content, browser exploits, vulnerable ActiveX controls , cross site scripting etc.
- Seamless inspection of SSL traffic without impacting performance.
Introduction to Zscaler DAS – Deployment Advisory Services