About Shift

About Shift

Zscaler Shift is an easy-to-use, cloud service that provides carrier-grade security and compliance for your organization's network. It can be configured in minutes by setting Domain Name Service (DNS) to Shift. From there, Shift intelligently routes all suspicious traffic to the Zscaler cloud security platform for full in-line content inspection. This offers multiple security features including content filtering, threat security, Safe Search, and SSL inspection. In addition, Zscaler's Advanced Threat Protection blocks malicious active content, such as browser exploits, vulnerable ActiveX controls, malicious JavaScript, and cross-site scripting. 

Diagram of an overview of how Shift works

Overview of Security Features Provided by Shift

With your organization’s policies, you can implement the following key security features.

Content Filtering

Shift enables you to choose the level of content filtering that you want to enforce for your organization's users. You can select from the six content filter types when configuring a policy. Each filter type corresponds to a predefined group of URL categories that Shift can block.

Threat Security 

If a user requests a URL that is unknown to Shift, or deemed suspicious according to its threat scoring mechanism, Shift can forward the traffic to the Zscaler service to perform full in-line inspection of content from these domains and provide the following advanced security features:

  • Protection against basic spyware and malware as well as other advanced threats, including botnets, malicious active content, unauthorized communications, and cross-site scripting
  • When necessary, integrated file sandboxing analysis (running and analyzing files in a virtual environment to detect hidden malicious content) for all Windows executable files and Dynamic Link Libraries (DLL) of traffic from URLs in suspicious categories.

Shift leverages the advanced security capacities of the Zscaler service to block malicious content from reaching your organization's users. This feature is enabled by default, but you can choose to disable it in your policies. If you want to enable Threat Security for HTTPS sites, you must enable SSL inspection.

Safe Search

Shift can ensure your users' browsers block all inappropriate or explicit images from search engine results. Users cannot bypass this restriction on their browsers. This feature is enabled by default, but you can choose to disable it in your policies. If you want to enable Safe Search for Yahoo and YouTube, you must enable SSL inspection.

SSL Inspection

Shift can perform HTTPS decryption on any HTTPS site it deems suspicious according to its threat scoring mechanism, with the exception of sites in the Healthcare, Finance, and Banking URL category. To protect your users' privacy, Shift does not inspect content in those three categories. This feature is disabled by default. 

Whitelisting and Blacklisting Domains

No matter what content filter type you choose or which of the above security features you enable for a given policy, there may be some domains that you want to whitelist and always allow for users, and other domains that you want to blacklist and always block for users. For each policy you configure, Shift enables you to select specific domains to whitelist or blacklist. You can use this feature configuring Custom Categories and selecting them in your policy.

Shift Administration

From the Shift Administration menu, you can configure the following:

Shift Dashboard

The Shift Dashboard allows users to view a variety of information about what is happening on their network. To learn more about the dashboard see About the Dashboard.