Documentation
Experience Center
Secure Internet and SaaS Access (ZIA)
Secure Private Access (ZPA)
Digital Experience Monitoring (ZDX)
Posture Control (DSPM)
Zscaler Connectors
Client Connector
Cloud & Branch Connector
Zscaler Cellular
Zero Trust Device Segmentation
Data Protection
Cyber Protection
Isolation (CBI)
Risk360
Business Insights
ZIdentity
Developer Center
OneAPI
Zscaler SDK for Mobile Apps
Zscaler Legacy
ZCSPM
Posture Control (ZPC)
Logs & Fair Use
Zscaler Deployments & Operations
Zscaler Technology Partners
EOS & EOL- Support
Contact Support
Support Offerings
Submit Ticket 
Services
Deployment Services
Zscaler Threat Hunting Service
Services Credits
Staff Augmentation
Custom SOW
Training & Certification
Tools
Secure Internet and SaaS Access (ZIA) Help
- Getting Started
- Understanding the ZIA Cloud Architecture
- Step-by-Step Configuration Guide for ZIA
- Accessing and Using the Executive Insights App
- Admin Portal
- What Is My Cloud Name for ZIA?
- Viewing Subscriptions
- About Zscaler Data Privacy
- Managing ZIA Use in Russia
- Accepting the End User Subscription Agreement (EUSA)
- About the Company Profile
- About Notification
- Customizing Your Admin Account Settings
- Saving and Activating Changes in the ZIA Admin Portal
- Editing, Deleting, or Duplicating Items
- Using Tables
- Searching on the Admin Portal
- Using the Zscaler Help Browser
- Checking for IP Addresses on the Denylist
- Ranges & Limitations
- Supported Browsers for ZIA
- Zscaler Service Continuity Customer Notification Protocol
- Accessing and Navigating the ZIA Admin Portal
- Reference Architecture
- Data Protection with Secure Internet and SaaS Access
- Local Inspection with ZIA Private Service Edge and Virtual Service Edge
- TLS/SSL Inspection with Zscaler Internet Access
- Traffic Forwarding in Zscaler Internet Access
- User Provisioning and Authentication to Zscaler Services
- Zscaler DNS Security and Control
- Authentication & Administration
- Administrator & Role Management
- Configuring Role-Based Administration
- Role-Based Administration Configuration Examples
- Understanding Administrator Management Settings
- Configuring Password Expiration
- Configuring Restricted Access for Admins
- Configuring Advanced Configuration for Admins
- Obfuscating User Names for Admins
- Obfuscating Device Information for Admins
- About Auditors
- Adding Auditors
- About Audit Logs
- About Event Logs
- Administrators
- Role Management
- SAML for Admins
- User Management & Authentication Settings
- About Provisioning and Authenticating Users
- Choosing Provisioning and Authentication Methods
- About Authentication Default Settings
- Configuring the Default Authentication Profile
- Configuring the Hosted User Database
- Managing Forced Reauthentication
- Configuring a One-Time Token or One-Time Link
- About User Authentication Frequency
- About Authentication Profiles
- Configuring Custom Authentication Timeout Profiles
- About Zscaler Cookies
- About Surrogate IP
- Exempting URLs and Cloud Apps from Authentication
- Recommended Security Settings for Microsoft Edge Browser
- ZIA Authentication Error Codes
- User Management
- Users
- Groups
- Departments
- SAML & SCIM
- About Identity Providers
- Adding Identity Providers
- Adding the Zscaler Client Connector as an IdP
- Understanding SAML
- Configuring SAML
- Logging Out from Zscaler While Using SAML
- Troubleshooting SAML
- Understanding SCIM
- Configuring SCIM
- SCIM API Examples
- Active Directory with LDAP to SCIM Provisioning Migration Guide
- SAML & SCIM Configuration Guide for Microsoft Entra ID
- SAML & SCIM Configuration Guide for Okta
- SAML & SCIM Configuration Guide for PingFederate
- SAML & SCIM Configuration Guide for PingOne
- SAML Configuration Guide for AD FS 3.0
- SAML Configuration Guide for AD FS 2.0
- SAML & SCIM Configuration Guide for Google Apps
- SAML Configuration Guide for OneLogin
- SAML Configuration Guide for CA Single Sign-On
- Active Directory & LDAP
- Kerberos Authentication
- About Kerberos Authentication
- Kerberos Authentication Deployment Guidelines
- Kerberos Trust Relationship Configuration Guide for Windows Server & GPO Push
- Kerberos Trust Relationship Configuration Guide for Linux Server
- Using the Default Zscaler Kerberos PAC File
- Troubleshooting Kerberos Authentication
- ZIA Error Codes for Kerberos Authentication
- Basic Authentication
- Zscaler Authentication Bridge
- Identity Proxy Settings
- Certificates
- Alerts
- End User Notifications (EUNs)
- Browser EUNs
- Templates
- Global Configuration
- Zscaler Client Connector EUNs
- Backup & Restore
- API Security
- About Cloud Service API Key
- Managing Cloud Service API Key
- About Sandbox API Token
- Managing Sandbox API Token
- Securing ZIA APIs with OAuth 2.0
- About OAuth 2.0 Authorization Servers
- Managing OAuth 2.0 Authorization Servers
- OAuth 2.0 Configuration Guide for Okta
- OAuth 2.0 Configuration Guide for Microsoft Entra ID
- SNMP MIBs
- Traffic Forwarding
- Choosing Traffic Forwarding Methods
- Best Practices for Traffic Forwarding
- Handling DNS Resolution for Various Traffic Forwarding Methods
- Understanding Zscaler Authoritative DNS Servers
- About Subclouds
- Understanding Subclouds
- Editing a Subcloud
- About Data Center Exclusion Based on Traffic Forwarding Method
- Excluding a Data Center Based on Traffic Forwarding Method
- About Static IP
- Self-Provisioning of Static IP Addresses
- Importing Static IP Address from a CSV File
- Understanding Multi-Cluster Load Sharing
- Understanding Proxy Mode
- Determining Optimal MTU for GRE or IPSec Tunnels
- Implementing Zscaler in No-Default Route Environments
- Alternative Options to Caching Web Traffic
- Troubleshooting Users' Traffic not Going to the Nearest ZIA Public Service Edge
- Configuring Disaster Recovery
- Zscaler Traffic Bypasses
- GRE
- Understanding Generic Routing Encapsulation (GRE)
- GRE Deployment Scenarios
- About GRE Tunnels
- Self-Provisioning of GRE Tunnels
- Importing GRE Tunnels from a CSV File
- Configuring GRE Tunnels
- GRE Configuration Guide for Juniper SRX
- GRE Configuration Guide for Cisco 881 ISR
- Locating the Virtual IP Addresses for ZIA Public Service Edges
- IPSec
- Understanding IPSec VPNs
- Configuring an IPSec VPN Tunnel
- About VPN Credentials
- Adding VPN Credentials
- Importing VPN Credentials from a CSV File
- IPSec VPN Configuration Guide for Cisco ASA 55xx
- IPSec VPN Configuration Guide for Cisco 881 ISR
- IPSec VPN Configuration Guide for Juniper SRX
- IPSec VPN Configuration Guide for Juniper SSG 20
- IPSec VPN Configuration Guide for FortiGate Firewall
- IPSec VPN Configuration Guide for Palo Alto Networks Firewall
- IPSec VPN Configuration Guide for SonicWall TZ 350
- Locating the Hostnames and IP Addresses for ZIA Public Service Edges
- PAC Files
- Using PAC Files
- Writing a PAC File
- Best Practices for Writing PAC Files
- Firewall Requirements for Using PAC Files
- Using Default PAC Files to Forward Traffic to ZIA
- Using Custom PAC Files to Forward Traffic to ZIA
- Forwarding Traffic Based on User's Location Using PAC Files
- Load Balancing for PAC Forwarded Traffic
- Distributing a PAC File URL to Users
- Configuring Internet Explorer to Use a PAC File
- Configuring Google Chrome to Use a PAC File
- Configuring Mozilla Firefox to Use a PAC File
- Configuring Safari to Use a PAC File
- Zscaler Client Connector
- Getting Started
- Reference Architecture
- Administration
- Zscaler Client Connector Notifications
- API Key Management
- Zscaler Client Connector Store Settings
- Zscaler Client Connector Support Settings
- App Supportability
- About App Supportability
- Configuring User Access to Logging Controls for Zscaler Client Connector
- Configuring User Access to Support Options for Zscaler Client Connector
- Configuring User Access to the Restart and Repair Options for Zscaler Client Connector
- Configuring Automatic Username Population for IdP Authentication
- Configuring Automatic ZPA Reauthentication
- Registering Devices with ZPA IdP Username
- Network Performance
- App Fail Open
- User Privacy
- About User Privacy
- Configuring Zscaler Client Connector to Collect Device Owner Information
- Configuring Zscaler Client Connector to Collect Hostnames
- Enabling Packet Capture for Zscaler Client Connector
- Configuring Automatic Crash Reporting for Zscaler Client Connector
- Configuring Zscaler Client Connector to Collect ZDX Location Information
- Allow Users to Override Z-Tunnel 2.0 or ZPA Protocol Settings
- Allowing Non-Administrator Users Access to Zscaler Client Connector Log Files
- Restricting Remote Packet Capture
- Endpoint Integration
- Advanced Configuration
- Zscaler Client Connector Profile Management
- About Zscaler Client Connector App Profiles
- Configuring Zscaler Client Connector App Profiles
- Searching for a Zscaler Client Connector Profile
- Zscaler Client Connector Profile Rule Example
- Viewing the Policy Token for a Zscaler Client Connector Profile
- Anti-Tampering for Zscaler Client Connector
- Configuring a Default Global Log Mode
- Configuring a Cellular Quota with Zscaler Client Connector for Android
- Syncing Directory Groups between the ZIA Admin Portal and Zscaler Client Connector Portal
- Best Practices for Adding Bypasses for Z-Tunnel 2.0
- About Application Bypass
- Adding IP-Based Applications to Bypass Traffic
- Adding Process-Based Applications to Bypass Traffic
- Zscaler Endpoint Data Loss Prevention (DLP) Integration with Zscaler Client Connector
- About Business Continuity
- Device Posture Profiles
- Forwarding Traffic Management
- About Forwarding Profiles
- Configuring Forwarding Profiles for Zscaler Client Connector
- Using the Windows Filter Driver for Zscaler Client Connector
- Searching for a Forwarding Profile
- About Trusted Networks
- Configuring Trusted Networks for Zscaler Client Connector
- Searching for a Trusted Network
- About Z-Tunnel 1.0 & Z-Tunnel 2.0
- Configuring Dedicated Proxy Ports
- Managing Devices
- Platform and Authentication Management
- About Platform Settings
- Enabling Browser-Based Authentication
- Using WebView2 Authentication
- Enabling Resizing of the Zscaler Client Connector Authentication Window
- About Zscaler Client Connector IdP
- Using Zscaler Client Connector Portal as an Identity Provider
- Creating a Device Token
- Customizing the Zscaler Client Connector User Agent
- Configuring Passwords for Access in Unattended Mode
- Zscaler Client Connector and Imprivata Integration
- ZPA Partner Login
- Zscaler Service Entitlement
- About Zscaler Service Entitlement
- Enabling ZPA for a Group of Users
- Configuring ZPA Machine Tunnel for All
- Enabling ZDX for All Users
- Enabling ZDX for a Group of Users
- Enabling Deception for a Group of Users
- About Device Groups
- Creating Device Groups
- Searching for Device Groups
- Enabling ZPA for Device Groups
- Enabling Zscaler Deception for Device Groups
- Enabling ZDX for Device Groups
- Enabling ZIA for Device Groups
- Downloading & Deployment
- Understanding Zscaler Client Connector App Downloads
- Configuring Zscaler Client Connector for Microsoft 365 Cloud PCs
- Customizing Zscaler Client Connector with Install Options for MSI
- Customizing Zscaler Client Connector with Install Options for EXE
- Customizing Zscaler Client Connector with Install Options for macOS
- Customizing Zscaler Client Connector with Install Options for Linux
- Customizing Zscaler Client Connector with Install Options for Android
- Customizing Zscaler Client Connector with Install Options for iOS
- Dual Tunnel Feature Configuration with Jamf Pro for iOS
- Dual Tunnel Feature Configuration with Microsoft Intune for iOS
- Blocking LAN Access and Configuring Zscaler Client Connector Firewall on macOS
- Best Practices for Zscaler Client Connector Deployment
- Best Practices for Updating Latest Versions of Zscaler Client Connector Application
- Uninstalling Zscaler Client Connector
- Reverting Zscaler Client Connector to the Previous Version
- Upgrading Zscaler Client Connector
- Monitoring Usage
- Understanding the Zscaler Client Connector Dashboard
- About Enrolled Devices
- Viewing Device Fingerprint for an Enrolled Device
- Device States for Enrolled Devices
- Accessing One-Time Passwords for Enrolled Devices
- About Machine Tunnels
- About Zscaler Client Connector Integration with Deception
- About Partner Devices
- Viewing Device Fingerprint Information for a Partner Device
- Interacting with Zscaler Client Connector Remotely
- Interoperability
- Implementing Zscaler Client Connector in No-Default Route Environments
- Domain Validation in Zscaler Client Connector for ZPA Applications
- Best Practices for Zscaler Client Connector and VPN Client Interoperability
- Zscaler Client Connector and Charles Proxy Interoperability
- Zscaler Client Connector Processes to Allowlist
- Allowing Traffic to the ID Federation URL by Bypassing Zscaler Client Connector
- Enrolling Zscaler Client Connector Users When Using a Proxy
- Using Fiddler with Zscaler Client Connector
- Best Practices for Using PAC Files with Zscaler Client Connector
- Zscaler Client Connector API
- API Developer & Reference Guide
- Reference Guide
- Troubleshooting
- Zscaler Client Connector Errors
- Zscaler Client Connector: Windows Registry Keys
- Zscaler Client Connector: Connection Status Errors
- Zscaler Client Connector: ZPA Authentication Errors
- Captive Portal Sign-In Fails for Chromebook Users
- Zscaler Client Connector Displays Blank Page
- AppArmor Causes Auto-Upgrade to Zscaler Client Connector version 3.7.1 for Linux to Fail
- Firewall Posture Check Failure on macOS Sequoia
- Microsoft Outlook and Microsoft Teams Not Accessible
- Login Failure in Zscaler Client Connector for Android on ChromeOS version 1.12
- Browser-Based Authentication Fails When Using Certain Browsers to Launch Zscaler Client Connector for Linux and Windows
- DNS Request Failure in Zscaler Client Connector version 4.1.0.89
- DNS Resolution Failure in Zscaler Client Connector for Android on ChromeOS version 1.12
- Upgrading to Zscaler Client Connector 3.7 for Windows
- Missing Zscaler Client Connector GNOME Tray icon for Linux
- Upgrading to Windows 10, Version 2004
- Supporting M1 Processors
- Upgrading to macOS Big Sur
- Upgrading to macOS Catalina
- Upgrading to Android 10
- Using Zscaler Client Connector with Cisco AnyConnect on macOS Catalina
- Resolving Update Issues to Zscaler Client Connector 1.4.3
- Login Failures with Zscaler Client Connector Using Active Directory
- Downgrading Zscaler Client Connector to an Earlier Version
- Resolving Zscaler Client Connector Linux 1.2 DNS Configuration Issues for VPNs
- Resolving Auto-Update Issues for Zscaler Client Connector Linux 1.2
- Upgrading to Zscaler Client Connector version 1.9 for Android
- End User Guide
- Using Zscaler Client Connector
- Locating Where Zscaler Client Connector is Installed on Your Device
- Enrolling in the Zscaler Service on Zscaler Client Connector
- Viewing Information About Zscaler Client Connector
- Viewing Information About Private Access on Zscaler Client Connector
- Viewing Information About Internet Security on Zscaler Client Connector
- Viewing Information About Digital Experience on Zscaler Client Connector
- Viewing Information About Zscaler Endpoint DLP on Zscaler Client Connector
- Viewing Notifications on Zscaler Client Connector
- Zscaler Client Connector: Pop-Up Notifications
- Self Service Notifications in Zscaler Client Connector
- Reporting an Issue with Zscaler Client Connector
- Using Zscaler Diagnostics
- Troubleshooting Zscaler Client Connector
- Adding a Partner Tenant to Zscaler Client Connector
- Deprovisioning Your Device from Zscaler Client Connector
- Release Notes
- Zscaler Client Connector Portal Release Notes
- Zscaler Client Connector Release Notes (per OS)
- Zscaler Client Connector - ZDX Module Release Notes (per OS)
- Proxy Chaining
- Location Management
- About Locations
- Configuring Locations
- Understanding Sublocations
- Configuring Sub-Locations
- Configuring Multiple Locations and Sub-Locations
- Downloading Location and Sub-Location Information to a CSV File
- Importing Location and Sub-Location Information from a CSV File
- Configuring Dedicated Proxy Ports
- Configuring a Location Without a Static Public IP Address
- About Location Groups
- Configuring Manual Location Groups
- Configuring Dynamic Location Groups
- Configuring Azure Virtual WAN Locations
- Service Edges
- Maintenance Support for Virtual Service Edge
- Choosing Between Private Service Edges and Virtual Service Edges
- Firewall Configuration Requirements for Private Service Edge Deployments
- Using PAC Files for Private Service Edge Deployments
- Monitoring Virtual Service Edge Clusters
- Terms and Conditions for Private Service Edge
- Troubleshooting Virtual Service Edges
- Public Service Edge
- Private Service Edge
- Virtual Service Edge
- About Virtual Service Edges
- About Virtual Service Edge Clusters
- Configuring Virtual Service Edge Clusters
- Using an External Load Balancer for Virtual Service Edge Clusters
- Configuring Virtual Service Edge for Microsoft Azure
- Configuring Virtual Service Edge for Amazon Web Services
- Configuring Virtual Service Edge for Amazon Web Services with GWLB
- Configuring Virtual Service Edge for Microsoft Hyper-V
- Configuring Virtual Service Edge for Google Cloud Platform
- Adding Virtual Service Edge Instances
- Adding Virtual Service Edge Clusters
- Downloading a Virtual Service Edge VM
- Downloading Virtual Service Edge Certificates
- Configuring Virtual Service Edge and NTP Server Synchronization
- Virtual Service Edge Configuration Guide for Dual Arm Mode
- Forwarding Traffic to Virtual Service Edges
- China Premium Access
- IPv6
- Traffic Capture
- Extranet
- Policies
- Configuring Advanced Settings
- Understanding Policy Enforcement
- Configuring Policies for Unauthenticated Traffic
- About Rule Labels
- Adding a Rule Label
- About Devices
- About Device Groups
- About Time Intervals
- Understanding Workload Groups
- About Workload Groups
- Configuring Workload Groups
- Defining Time Intervals
- Printing Policies
- Accessing the Zscaler Deception Admin Portal using SSO
- About User Confirmation Notification Templates
- Configuring User Confirmation Notification Templates
- Configuring Settings for User Confirmation Notification Templates
- Advanced Threat Protection
- Bandwidth Control & Classes
- About Bandwidth Control
- Configuring the Bandwidth Control Policy
- Adding Rules to the Bandwidth Control Policy
- Bandwidth Control Policy Example
- About Bandwidth Classes
- Adding Bandwidth Classes
- Configuring the Web Conferencing Applications Bandwidth Class
- Configuring the VoIP Applications Bandwidth Class
- Configuring the Large Files Bandwidth Class
- Browser Control
- Secure Browsing
- Cloud Apps
- Cloud App Control Policies
- About Cloud App Control
- Understanding Cloud App Categories
- Adding Rules to the Cloud App Control Policy
- Adding an AI & ML Applications Rule for Cloud App Control
- Adding a Collaboration & Online Meetings Rule for Cloud App Control
- Adding a Consumer Rule for Cloud App Control
- Adding a Custom Applications Rule for Cloud App Control
- Adding a DNS Over HTTPS Services Rule for Cloud App Control
- Adding a File Sharing Rule for Cloud App Control
- Adding a Finance Rule for Cloud App Control
- Adding a Health Care Rule for Cloud App Control
- Adding a Hosting Providers Rule for Cloud App Control
- Adding a Human Resources Rule for Cloud App Control
- Adding an Instant Messaging Rule for Cloud App Control
- Adding an IT Services Rule for Cloud App Control
- Adding a Legal Rule for Cloud App Control
- Adding a Productivity & CRM Tools Rule for Cloud App Control
- Adding a Sales & Marketing Rule for Cloud App Control
- Adding a Social Networking Rule for Cloud App Control
- Adding a Streaming Media Rule for Cloud App Control
- Adding a System & Development Rule for Cloud App Control
- Adding a Webmail Rule for Cloud App Control
- Cloud Applications
- Cloud Application Instances
- Office 365
- Tenant Restriction
- Risk Profiles
- Data Loss Prevention
- About Data Loss Prevention
- Configuring DLP Policy Rules with Content Inspection
- Configuring DLP Policy Rules without Content Inspection
- Configuring DLP Policy Rules with Evaluate All Rules Mode Enabled
- Configuring DLP Advanced Settings
- Monitoring or Blocking Outbound Content by Data Size
- DLP Policy Configuration Example: Match Only
- Step-by-Step Configuration Guide for Webex Teams Real-Time DLP
- Accessing the DSPM Admin Portal using SSO
- DLP Dictionaries & Engines
- About DLP Dictionaries
- Understanding Predefined DLP Dictionaries
- Editing Predefined DLP Dictionaries
- Cloning Predefined DLP Dictionaries
- Adding Custom DLP Dictionaries
- Defining Patterns for Custom DLP Dictionaries
- Defining Phrases for Custom DLP Dictionaries
- Defining Microsoft Information Protection Labels for Custom DLP Dictionaries
- About DLP Engines
- Understanding DLP Engines
- Editing Predefined DLP Engines
- Adding Custom DLP Engines
- Cloning DLP Engines
- DLP Incident Receiver
- About Zscaler Incident Receiver
- Adding a Zscaler Incident Receiver
- Configuring the Zscaler Incident Receiver for On-Premises VMs
- Configuring the Zscaler Incident Receiver for Amazon Web Services EC2 VMs
- Configuring the Zscaler Incident Receiver for Azure VMs
- About ICAP Receivers for DLP
- About ICAP Communication Between Zscaler and DLP Servers
- Enabling Secure ICAP
- Enabling Unencrypted ICAP
- Adding an ICAP Receiver for DLP
- Configuring the ICAP Server with the Mutual Transport Layer Security (MTLS) CA Certificate
- DLP Index Tool
- DLP Exact Data Match
- DLP Indexed Document Match
- Labels and Tags
- Notification Templates
- Endpoint Data Loss Prevention
- About Endpoint Data Loss Prevention
- Step-by-Step Configuration Guide for Zscaler Endpoint DLP
- Understanding Endpoint Policy Enforcement
- Configuring Endpoint DLP Policy Rules
- About DLP Resources
- Adding DLP Resources
- Editing DLP Resources
- Adding a DLP Resource Group
- Editing a DLP Resource Group
- Endpoint Data Scan
- Accessing and Navigating the Endpoint Data Scan Report
- About Endpoint Data Scan
- About User Investigation
- Analyzing Endpoint DLP Scan for a User
- Configuration
- Device Control
- Inventory
- Outbound Email Data Loss Prevention
- What Is Zscaler Outbound Email DLP?
- Step-by-Step Configuration Guide for Zscaler Outbound Email DLP
- Understanding Outbound Email Policy Enforcement
- About Email Tenants
- Adding Email Tenants
- Editing Email Tenants
- Configuring Gmail for Zscaler Outbound Email DLP
- Configuring Microsoft Exchange for Zscaler Outbound Email DLP
- About Email Profiles
- Adding Email Profiles
- Editing Email Profiles
- About Outbound Email Policy
- Configuring Outbound Email Policy Rules
- File Type Control
- Firewall
- Understanding Firewall Capabilities
- Configuring Firewall Policies
- Enabling the Firewall for Locations
- Firewall HTTP Tunnel Connectivity
- Configuring Custom Ports
- ZIA & Application Layer Gateway Enabled Applications
- Firewall Control
- DNS Control
- FTP Control
- IPS Control
- Firewall Policy Resources
- About Network Services
- Configuring Network Services
- About Network Service Groups
- Configuring Network Service Groups
- About Network Applications
- About Network Application Groups
- Configuring Network Application Groups
- About Application Service Groups
- About Source IP Groups
- Configuring Source IP Groups
- About Destination IP Groups
- Configuring Destination IP Groups
- About DNS Application Groups
- Configuring DNS Application Groups
- About IP Pool
- About Threat Categories
- Adding Threat Categories
- About EDNS Client Subnet (ECS) Injection
- Adding EDNS Client Subnet (ECS) Prefixes
- About DNS Gateways
- Adding DNS Gateways
- Forwarding Control
- Dedicated IP
- Customer-Managed Dedicated IP (Source IP Anchoring)
- Zscaler-Managed Dedicated IP
- Third-Party Proxy Chaining
- Malware Protection
- Mobile Security
- Mobile Malware Protection
- Zscaler Client Connector Deployment
- Mobile App Store Control
- SaaS Security
- SaaS Application Tenants
- Data at Rest Scanning Policies
- Understanding the Data at Rest Scanning Policy
- About Data at Rest Scanning DLP
- Configuring the Data at Rest Scanning DLP Policy
- Configuring the Data at Rest Scanning DLP Policy Exceptions
- About Data at Rest Scanning Malware Detection
- Configuring the Data at Rest Scanning Malware Detection Policy
- Configuring the Data at Rest Scanning Malware detection Policy Exceptions
- About SaaS Security Scan Configuration
- Understanding SaaS Security Scan Schedules
- Configuring SaaS Security Scan Schedules
- Configuring the Data at Rest Scanning Exceptions
- Rights Management
- 3rd-Party App Governance
- Getting Started
- What Is 3rd-Party App Governance?
- Step-by-Step Configuration Guide for 3rd-Party App Governance
- Accessing and Navigating the 3rd-Party App Governance Admin Portal
- SAML Configuration Guide for Okta
- Connecting Your Platforms
- Find Your Application IDs
- Using 3rd-Party App Governance
- About the 3rd-Party App Governance Dashboard
- About the App Inventory
- App Inventory Filters
- Searching for Apps
- Custom Views
- Pre-Vetting Apps
- Uploading Apps in Bulk
- Taking Bulk Actions on Apps
- Revoking and Banning Apps
- Configuring End User Review
- About the App Panel
- Updating the App Risk Score
- Updating the App Finding Status
- About User Inventory
- About the User Panel
- 3rd-Party App Governance Policies
- Posture Management
- Posture Management - Essentials
- Posture Management - Advanced
- Sandbox
- SSL Inspection
- About Secure Sockets Layer (SSL)
- About SSL Inspection
- Supported Cipher Suites in SSL Inspection
- Safeguarding SSL Keys and Data Collected during SSL Inspection
- Adding Custom Certificate to an Application-Specific Trust Store
- About SSL Inspection Policy
- Configuring SSL Inspection Policy
- About Intermediate CA Certificates
- Choosing the CA Certificate for SSL Inspection
- Signing a CSR Using the Active Directory Certificate Services
- Configuring Software Protection Intermediate CA Certificate
- Configuring Cloud HSM Protection Intermediate CA Certificate
- Deployment Scenarios for SSL Inspection
- Certificate Pinning and SSL Inspection
- Best Practices for Testing and Rolling Out SSL Inspection
- URL Filtering
- About URL Filtering
- URL Format Guidelines
- Configuring the URL Filtering Policy
- About URL Categories
- Configuring Custom URL Categories
- About Bulk URL Upload Tool
- About TLD Categories
- Configuring TLD Categories
- Recommended URL & Cloud App Control Policy
- Configuring Advanced Policy Settings
- Adding URLs to the Allowlist
- Enforcing User-Based URL Policies on HTTPS Traffic
- About CIPA Compliance
- Looking Up URLs in the ZIA Admin Portal
- Looking Up URLs in Site Review
- ICAP Receivers
- Workflow Automation
- Data Protection
- Getting Started
- Incident Group
- Setup
- Configuring the DLP Application Integration Using Amazon Web Services
- Configuring the DLP Application Integration Using Azure
- Adding Integrations
- Managing DLP AWS Application Integrations in Workflow Automation
- Managing DLP Azure Application Integrations in Workflow Automation
- Managing Workflow Automation Integration with Slack
- Managing Workflow Automation Integration with Microsoft Teams
- Managing Workflow Automation Integration with ServiceNow
- Managing Workflow Automation Integration with Jira Software
- Managing Roles and Permissions
- Managing Admin Assignments
- Managing Priorities
- Managing Approvers
- Managing Notification Templates
- Adding Email Notification Templates
- Adding Slack Notification Templates
- Adding Microsoft Teams Notification Templates
- Managing Survey Templates
- Managing Incident and Digest Template Mappings
- Managing Account Settings
- Managing User Attributes
- Managing Integration Users
- Managing Labels
- Managing Custom Email Domains
- About Audit Logs
- Workflows
- Incidents
- Managing Incidents
- Viewing & Managing Incident Details
- Understanding Duplicate Incidents in Workflow Automation
- Using Incident Filters in Workflow Automation
- Responding to an End User Notification
- Responding to an Escalation Notification
- Responding to a User Digest Notification
- Responding to a DLP Admin Digest Notification
- Dashboard
- API Management
- Workflow Automation API
- API Developer & Reference Guide
- Getting Started
- Configuring the Postman REST API Client
- Understanding API Rate Limiting
- API Response Codes and Error Messages
- Reference Guide
- Zscaler Digital Experience
- Getting Started
- Setup
- Workflows
- Business Insights
- Getting Started
- Events
- Event Groups
- Setup
- Managing Priorities for Events
- Managing Integration Users for Events
- Adding Integrations for Events
- Managing ServiceNow Integration for Events
- Managing Notification Templates for Events
- Adding Email Notification Templates for Events
- Managing Survey Templates for Events
- Managing Template Mappings for Events
- Workflows
- Release Notes
- Security & UEBA Alerts
- Isolation
- Getting Started
- Policy Management
- Profiles
- ZIA Profiles
- ZPA Profiles
- Profile Certificates
- About Root Certificates for Isolation in ZIA
- Adding Root Certificates for Isolation in ZIA
- Editing a Root Certificate for Isolation in ZIA
- Deleting a Root Certificate for Isolation in ZIA
- About Root Certificates for Isolation in ZPA
- Adding Root Certificates for Isolation in ZPA
- Editing a Root Certificate for Isolation in ZPA
- Deleting a Root Certificate for Isolation in ZPA
- Profile Notifications
- Adding a Banner Theme for the Isolation End User Notification in ZIA
- Editing a Banner Theme for the Isolation End User Notification in ZIA
- Deleting a Banner Theme for the Isolation End User Notification in ZIA
- Adding a Banner Theme for the Isolation End User Notification in ZPA
- Editing a Banner Theme for the Isolation End User Notification in ZPA
- Deleting a Banner Theme for the Isolation End User Notification in ZPA
- End User Isolation Experience
- Using Persistent State for Isolation
- Accessing Multiple Sessions In Isolation
- Accessing Network Diagnostics in Isolation
- User Experience Modes in Isolation
- Read-Only Mode In Isolation
- Understanding Turbo Mode for Isolation
- Using Debug Mode for Isolation
- Using the Isolation Bar in Native Browser Experience
- Using the Right-Click Menu in Isolation
- Using Search in Isolation
- Understanding Language Translate for Isolation
- Transferring and Viewing Files in Isolation
- Local Browser Rendering for Isolation
- Bookmarking Web Pages in Isolation
- Mobile User Experience in Isolation
- Dashboard & Analytics
- About Dashboards
- About Widgets
- Adding Notes to Dashboards and Interactive Reports
- Web Data Types and Filters
- Mobile Data Types and Filters
- Firewall Data Types and Filters
- DNS Data Types and Filters
- Endpoint DLP Data Types and Filters
- Email DLP Data Types and Filters
- Extranet Data Types and Filters
- Reports
- About the Email Security Report
- About Email Security Report: Incidents
- About the Gen AI Security Report
- About the Instance Discovery Report
- Viewing the Resource Discovery Report
- About Cybersecurity Insights
- About Interactive Reports
- About Industry Peer Comparison
- About the System Audit Report
- About the Sandbox Activity Report
- Scheduling the Sandbox Activity Report Weekly Email
- About the Sandbox Files Found Malicious Report
- Scheduling the Sandbox Files Found Malicious Report Weekly Email
- CIPA Compliance Report
- About the Company Risk Score Report
- About the User Risk Report
- Company Summary Report (CIO Report)
- Company Summary Report (CSO Report)
- Security Policy Audit Report
- Executive Insights Report
- About SaaS Assets Summary Report
- Viewing Quarterly Business Review Reports
- About Attack Surface Report
- Configuring the Attack Surface Report Notification
- About Configuration Risk Report
- About the Data Discovery Report
- Viewing Data Discovery Details
- About the IoT Report
- About Discovered Devices
- Providing Feedback on IoT Device Classifications
- About Scheduled Reports
- Scheduling Reports
- Exporting and Importing Reports
- Printing Reports
- About Endpoint DLP Report
- About Endpoint DLP Report: Incidents
- Insights
- About Insights
- About Threat Insights
- SaaS Security Insights
- Analyzing Traffic Using Insights
- Tunnel Data Types and Filters
- Viewing User Reports in Web Insights
- Logs
- Email DLP Insights Logs: Columns
- Email DLP Insights Logs: Filters
- Extranet Insights Logs: Columns
- Extranet Insights Logs: Filters
- About Insights Logs
- About SaaS Security Insights Logs
- DNS Insights Logs: Columns
- DNS Insights Logs: Filters
- Firewall Insights Logs: Columns
- Firewall Insights Logs: Filters
- Mobile Insights Logs: Columns
- Mobile Insights Logs: Filters
- Tunnel Insights Logs: Columns
- Tunnel Insights Logs: Filters
- Web Insights Logs: Columns
- Web Insights Logs: Filters
- Endpoint DLP Insights Logs: Columns
- Endpoint DLP Insights Logs: Filters
- Nanolog Streaming Service
- Understanding Nanolog Streaming Service (NSS)
- About NSS Servers
- Adding NSS Servers
- About NSS Collector Servers
- Adding NSS Collector Servers
- Syslog Overview
- NSS Deployment Guides
- NSS Feeds
- Adding NSS Feeds
- Adding NSS Feeds
- Adding NSS Feeds for Web Logs
- Adding MCAS NSS Feeds
- Adding NSS Feeds for Firewall Logs
- Adding NSS Feeds for DNS Logs
- Adding NSS Feeds for Tunnel Logs
- Adding NSS Feeds for SaaS Security Logs
- Adding NSS Feeds for SaaS Security Activity Logs
- Adding NSS Feeds for Alerts
- Adding NSS Feeds for Admin Audit Logs
- Adding NSS Feeds for Endpoint DLP Logs
- Adding NSS Feeds for Email DLP Logs
- Adding Cloud NSS Feeds
- Adding Cloud NSS Feeds
- Adding Cloud NSS Feeds for Web Logs
- Adding Cloud NSS Feeds for Firewall Logs
- Adding Cloud NSS Feeds for DNS Logs
- Adding Cloud NSS Feeds for Tunnel Logs
- Adding Cloud NSS Feeds for SaaS Security Logs
- Adding Cloud NSS Feeds for SaaS Security Activity Logs
- Adding Cloud NSS Feeds for Admin Audit Logs
- Adding Cloud NSS Feeds for Endpoint DLP Logs
- Adding Cloud NSS Feeds for Email DLP Logs
- Formatting NSS Feeds
- General Guidelines for NSS Feeds and Feed Formats
- NSS Feed Output Format: Web Logs
- NSS Feed Output Format: Firewall Logs
- NSS Feed Output Format: DNS Logs
- NSS Feed Output Format: Tunnel Logs
- NSS Feed Output Format: SaaS Security Logs
- NSS Feed Output Format: SaaS Security Activity Logs
- NSS Feed Output Format: Admin Audit Logs
- NSS Feed Output Format: Endpoint DLP Logs
- NSS Feed Output Format: Email DLP Logs
- SIEM Deployment Guides
- Partner Integrations
- Zscaler Management Portal for Partners
- Getting Started
- What Is Zscaler Management Portal for Partners?
- Accessing and Navigating the Zscaler Management Portal for Partners
- Management Portal
- Administration
- Policy Templates
- Tenant Management
- ZIA API
- API Developer & Reference Guide
- Getting Started
- Configuring the Postman REST API Client
- Understanding Rate Limiting
- API Response Codes and Error Messages
- Reference Guide
- 3rd-Party App Governance API
- Sandbox Submission API
- Activation
- Admin Audit Logs
- Admin & Role Management
- Advanced Settings
- Advanced Threat Protection Policy
- API Authentication
- Authentication Settings
- Browser Isolation
- Cloud Applications
- Cloud App Control Policy
- Cloud Nanolog Streaming Service (NSS)
- Data Loss Prevention
- Device Groups
- DNS Control Policy
- End User Notifications
- Event Logs
- File Type Control Policy
- Firewall Policies
- Forwarding Control Policy
- Intermediate CA Certificates
- IoT Report
- IPS Control Policy
- Location Management
- Malware Protection Policy
- Organization Details
- PAC Files
- Policy Export
- Remote Assistance Support
- Rule Labels
- Sandbox Policy & Settings
- Sandbox Report
- Security Policy Settings
- Shadow IT Report
- SSL Inspection Policy
- System Audit Report
- Traffic Forwarding
- URL Categories
- URL Filtering Policy
- URL & Cloud App Control Policy Settings
- User Authentication Settings
- User Management
- Workload Groups
- API Rate Limit Summary
- Working with APIs
- Managing Admins and Roles Using API
- Managing Intermediate CA Certificates Using API
- Managing Locations Using API
- Obtaining Sandbox Reports Using API
- SD-WAN Integrations Using API
- Configuring VPN Credentials for IPSec Tunnels Using API
- Managing URL Allowlist and Denylist Using API
- Configuring URL Categories Using API
- Managing Users Using API
- Zscaler Data Center VIPs JSON
- Troubleshooting
- Capturing HTTP Headers on Microsoft Edge
- Executive Insights App Errors and Troubleshooting
- About Zscaler Analyzer
- Using the Zscaler Cloud Performance Test Tool
- Avoiding Google Captcha and Geolocation Issues
- Capturing HTTP Headers on Google Chrome
- Capturing HTTP Headers on Mozilla Firefox
- Capturing HTTP Headers on Safari
- Enabling Remote Assistance
- Managing the QUIC Protocol
- Measuring the Performance of the Zscaler Service
- Policy Reasons
- Supporting Citrix XenApp & XenDesktop Applications
- ZscalerOS Migration to Version 24
- Release Notes