-->
- Look, I’m a CISOI’m not going to tell you about the chinks in the armor of the various security services. IF you’re good enough to get past them at your company it won’t be because of a Quora question.
- Catholic education in the Archdiocese of Melbourne is a leading provider of school education. In 2018 there are 153,175 students enrolled in 330 Catholic schools in the Archdiocese, supported by more than 18,744 teaching and non-teaching staff.
How to customize the application package for Zscaler Client Connector by running it with macOS command-line options. Zscaler Root Certificate Firefox In Mac, from the Firefox menu, select Preferences. Click the Advanced icon (or Encryption). Click Certificates (or Encruption). Click View Certificates and Click Import. Navigate to your download folder, select the certificate file (.crt), and click OK. Check Trust this computer to identify websites. Information on upgrading to macOS Big Sur.
If you work with both Cloud App Security and Zscaler, you can integrate the two products to enhance your security Cloud Discovery experience. Zscaler, as a standalone cloud proxy, monitors your organization's traffic enabling you to set policies for blocking transactions. Together, Cloud App Security and Zscaler provide the following capabilities:
- Seamless deployment of Cloud Discovery - Use Zscaler to proxy your traffic and send it to Cloud App Security. This eliminates the need for installation of log collectors on your network endpoints to enable Cloud Discovery.
- Zscaler's block capabilities are automatically applied on apps you set as unsanctioned in Cloud App Security.
- Enhance your Zscaler portal with Cloud App Security's risk assessment for 200 leading cloud apps, which can be viewed directly in the Zscaler portal.
Prerequisites
- A valid license for Microsoft Cloud App Security, or a valid license for Azure Active Directory Premium P1
- A valid license for Zscaler Cloud 5.6
- An active Zscaler NSS subscription
Deployment
In the Zscaler portal, do the steps to complete the Zscaler partner integration with Microsoft Cloud App Security.
In the Cloud App Security portal, do the following integration steps:
Click on the settings cog and select Cloud Discovery Settings.
Click on the Automatic log upload tab and then click Add data source.
In the Add data source page, enter the following settings:
- Name = NSS
- Source = Zscaler QRadar LEEF
- Receiver type = Syslog - UDP
Note
Make sure the name of the data source is NSS. For more information about setting up NSS feeds, see Adding Cloud App Security NSS Feeds.
Click View sample of expected log file. Then click Download sample log to view a sample discovery log, and make sure it matches your logs.
Investigate cloud apps discovered on your network. For more information and investigation steps, see Working with Cloud Discovery.
Any app that you set as unsanctioned in Cloud App Security will be pinged by Zscaler every two hours, and then automatically blocked by Zscaler. For more information about unsanctioning apps, see Sanctioning/unsanctioning an app.
Next steps
If you run into any problems, we're here to help. To get assistance or support for your product issue, please open a support ticket.
Use the Zscaler Analyzer app to analyze the path between your location and the Zscaler Enforcement Node (ZEN), or to analyze the time it takes for your browser to load a web page, so the Zscaler Support team can detect potential issues. The app performs an MTR (Z-Traceroute) and a full web page load test (Z-WebLoad). The results provide the Zscaler Support team with all the information they need to debug network issues quickly. You can run the app multiple times at different intervals, for a more comprehensive view of your network path and performances. For example, you can run configure the app to run every hour for five hours.
The results are designed to be sent to the Zscaler Operations Team through Zscaler Support for analysis. Their experience and overall view of the entire cloud allow them to interpret the data and identify potential issues in the network path. Zscaler highly recommends that you do not try to interpret the results without consulting Zscaler Support.
By downloading Zscaler Analyzer, You agree to the terms and conditions for Zscaler Software available at https://www.zscaler.com/legal/license-agreement-for-zscaler-software/. In addition, You also acknowledge and agree that Zscaler will
(i) use the information that You provide in order to troubleshoot Your networking issues; and
(ii) store such information in its cloud (which will only be accessible by a unique URL).
YOUR USE OF THE ZSCALER ANALYZER IS EXPRESSLY CONDITIONED ON YOUR AGREEMENT TO THESE TERMS AND CONDITIONS. IF YOU DO NOT AGREE, DO NOT DOWNLOAD AND/OR OTHERWISE USE THE ZSCALER ANALYZER.
RequirementsYou can run the app from a device that has the following:
- Java (JRE) 1.8 update 40 or higher
- Microsoft Windows 7 or higher
- Mac OS X
Do the following to install the Zscaler Analyzer app:
- Download the latest version of the app at https://zmtr.zscaler.com/.
- Click either Windows or Mac OS to download the app.
- Do one of the following:
- From a Windows machine:
- Run ZscalerAnalyzer-windows-installer.exe.
- Complete the steps in the wizard.
Ensure that you install the app in a directory similar to Libraries/Documents to facilitate installation. If you install it in the Program Files directory, you may need additional permissions.
OR
- From a device running Mac OS X or higher:
- Run ZscalerAnalyzer-osx-installer.dmg.
- Complete the steps in the wizard.
NOTE: If your security settings prevent the you from installing the app on your Mac, do the following:- Launch System Preferences from the Apple menu authentication.
- Choose Security and Privacy, click the General tab, and then click the lock icon in the corner to unlock the settings.
- From the Allow applications downloaded from list, choose Mac App Store and Identified Developers.
- Accept any security warning, if presented.
- Install the app.
- From a Windows machine:
Zscaler Analyzer TraceRoute
Use the Zscaler Analyzer app to analyze the path between your location and the Zscaler Enforcement Node (ZEN), so the Zscaler Support team can detect potential network issues. The app performs an MTR (My Traceroute) and the results provide the Zscaler Support team with all the information they need to debug network issues quickly. You can run the app multiple times at different intervals, for a more comprehensive view of your network path. For example, you can run configure the app to run every hour for five hours
The results are designed to be sent to the Zscaler Operations Team through Zscaler Support for analysis. Their experience and overall view of the entire cloud allow them to interpret the data and identify potential issues in the network path. Zscaler highly recommends that you do not try to interpret the results without consulting Zscaler Support.
Running Z-TraceRoute
When you launch the app, click the Z-TraceRoute tab to see a window similar to the following.
Do the following to run the Zscaler Network Analyzer app:
- Define the settings:
- Host: If your computer is connected to a ZEN, this field displays the host name of the ZEN. You can specify a different host name, for example, if you want to analyze the path to another ZEN.
- Run Every: The app can run automatically at different intervals. For example, to configure the app to run every hour, 10 times, change Repeat to 10, and then choose the interval to Repeat every 1 hour. These 10 tests are called a group.
- Packet Count: Number of packets to send.
- Hop Limit: The maximum number of network hops measured.
- To define the following settings, click the Advanced Settings button to see the Z-Traceroute - Advanced Settings window.
- Data: Packet size in bytes
- Timeout: The maximum number of seconds to wait for a reply
- Command: You can configure advanced settings from this field if Zscaler Support requests that you override the default settings in order to better troubleshoot certain issues. To get the list of all options, run:
Example:
- Click Start Test.
- The app displays the geolocation of the client and the ZEN on the map, as shown below. Note that the locations shown may not be accurate. This is useful in determining if the client is geolocalized correctly or if its traffic is not going to the nearest ZEN.
- The application updates the Host Latency and the Latency per Hop widgets, and the results table.
- The Stop Test button replaces the Start Test button, as shown below. If you click the Stop Test button at any time, the app cancels all the other tests in the group.
You can minimize the Zscaler Performance Analyzer app before it completes all the configured runs. When the tool completes all the runs, the Start Test button replaces the Stop Test button.
Viewing the Results
If you configured the Zscaler Analyzer app to perform multiple runs, you can view the results for each completed run in the group by selecting it from the results list, as shown below.
- The Host Latency widget shows the latency that occurred when the device reached the ZEN.
- The Latency per Hop widget shows the latency for each intermediate network hop.
- The results table provides an overview of the results. It shows the following:
- #: Hop number
- Host: IP address of the intermediate host
- P. Sent: The number of packets sent to the intermediate host
- P. Recv: The number of packets sent back by the host
- P. Loss: Percentage of packet loss
- Best T.: Smallest latency of all tests in seconds
- Last T.: Latency of the last packet sent
- Avg. T.: Average latency
- Worst T.: Highest latency of all tests
Exporting the Results
When the app completes all the configured runs, export the results so you can send it to Zscaler Support.
- Click the Export All Results button and navigate to the folder to which you want to save the results. All results of the runs in a group are saved into a CSV file with a filename similar to za_results_12_15_2015_12_56_53_PM_PST.
The geolocation shown in the export file is likely to be incorrect. For example, the intermediate hops in the U.S. might be shown to be in Europe.
The following is the information displayed for each group (repetitions of the same test) in the CSV file:
- Result Import Time: Time of the data export
- ZA Version: Version number of the app
- Group Number: Group ID
- ZA Settings: The defined settings for the test
- Host: Name of the host from which the test was run
- Internal Source IP: Local IP address of the device
- Public Source IP: Public IP address of the outbound traffic
- Protocol: Protocol selected for the test.
- Number of Runs: Number of tests run
The following is the information displayed for each run inside a group:
- Run Number: Run ID
- Start Time: Time when the test started
- End Time: Time when the test ended
- Test Finished in: Duration of the test
- SNo: Results of the test for each intermediate host:
- Host: IP address of the intermediate host
- Longitude: GeoIP coordinate of the intermediate host
- Latitude: GeoIP coordinate of the intermediate host
- Location Name: GeoIP country of the intermediate host
- Packet Sent: Number of packets sent to the intermediate host
- Packet Received: Number of packets sent back by the host
- Loss: Number of packets lost
- Last Time: Latency of the last packet sent
- Best Time: Smallest latency of all tests
- Worst Time: Highest latency of all tests
- Avg Time: Average latency
- St Dev: Standard deviation
Use the Zscaler Analyzer app to analyze the time it takes for your browser to load a web page, so the Zscaler Support team can detect potential issues. The app performs a web page load test and the results provide the Zscaler Support team with all the information they need to debug issues quickly. Depending on your environment, the tool can compare the load time through a ZEN and load time going direct to Internet. You can run the app multiple times at different intervals, for a more comprehensive view of your network. For example, you can configure the app to run every hour for five hours.
Do the following to run WebLoad on the Zscaler Analyzer:
- Define the settings:
- Load: The app can test up to ten URLs at a time. The app provides a default list of URLs to run. You can choose to run the tests for all URLs or just one. To remove or add a URL, click on the Advanced Settings button.
- Every: The app can run automatically at different intervals. For example, to configure the app to run every hour, 10 times, change Repeat to 10, and then choose the interval to run Every 1 hour. These 10 tests are called a group.
- Use: The Page Load Time widget provides different results depending on your environment when you first open the app.
- If your traffic is going through the Zscaler service when you first start the app, you are running the app with the Zscaler Enforced Proxy. If you are not authenticated to the service, you may be asked to authenticate when the app is first opened. The authentication page is displayed in the Current Site Preview on the left.
- If your traffic is not going through the Zscaler service when you first start the app, you can choose the following options in the list:
- System Proxy: Choose this option if you want to use your Internet browser settings. For example, if you have configured your browser to use a PAC file or a ZEN, the app will use those settings.
- Custom PAC File: Choose this option if you want to use a PAC file to forward your traffic to the Zscaler service. The Zscaler service hosts default PAC files which are configured to automatically forward all browser traffic to the nearest ZEN. To learn how to retrieve the default PAC file URL, see How do I use PAC files to forward traffic to the Zscaler service?
- Custom Gateway: Choose this option if you want to specify a ZEN to which you want to forward your traffic.
- To specify a ZEN, enter the following:
- Gateway: Enter gateway.<cloud_name>. To learn how you can find your cloud name, see What is my cloud name?
- Port: Enter the port number.
- To specify a ZEN, enter the following:
If you choose to run the app with a Custom PAC File or Custom Gateway, you will be prompted to authenticate before you can start the test. The results table will provide results in the following categories:
- With Proxy: Your traffic is going through the Zscaler service
- Without Proxy: Your traffic is not going through the Zscaler service
To define the following settings, click the Advanced Settings button to see the ZWebload - Advanced Settings window.
- Edit Website(s): To remove a URL, choose a URL, then click the minus sign.
- Type New URL: To add a URL, enter a valid URL into the field, then click Add Website.
- Website Download Count: The number of times each website is downloaded.
- Click Start Test.
- The app displays the web pages of the URLs in the list, as shown below.
- The application updates the Page Load Time widget, and the results table.
- The Stop Test button replaces the Start Test button, as shown below. If you click the Stop Test button at any time, the app cancels all the other tests in the group.
You can minimize the Zscaler Analyzer app before it completes all the configured runs. When the tool completes all the runs, the Start Test button replaces the Stop Test button.
Viewing the Results
If you configured the Zscaler Analyzer app to perform multiple runs, you can view the results for each completed run in the group by selecting it from the results list, as shown below.
If you configured the Zscaler Analyzer app to test multiple URLs, you can view the results for each URL in the group by choosing Website from the Show Results For list.
- The Page Load Time widget shows how long it took your browser to load a web page.
- The results table provides an overview of the results. It shows the following:
- Time Stamp: The time when the test started
- Website: The tested URL
- Response Time: The average time it took the browser to load the main web page
Exporting the Results
When the app completes all the configured runs, export the results so you can send it to Zscaler Support.
- 1. Click the Export All Results button and navigate to the folder to which you want to save the results. All results of the runs in a group are saved into a CSV file with a filename similar to za_results_12_04_2015_09_49_51_AM_PST.
- Attach this file to a support ticket and submit it. The export file contains all the information required by the Zscaler Support team to interpret the results correctly. Please do not modify the file before sending it to Zscaler.
The following is the information displayed for each group (repetitions of the same test):
Zscaler App Install
- Result Import Time: Time of the data export
- Tool Version: Version number of the app
- Group Number: Group ID
- WebLoad Settings: The defined settings for the test
- Number of Runs: Number of tests run
- Proxy Type: Name of the proxy from which the test was run
- Gateway Name: Name of the gateway from which the test was run
- Gateway IP: IP address of the gateway from which the test was run
- ZEN: The Zscaler Enforcement Node from which the test was run
The following is the information displayed for each run inside a group:
Zscaler Mac Client
- Run Number: Run ID
- Start Time: Time when the test started
- End Time: Time when the test ended
- Test Finished in: Duration of the test
- SNo: Results of the test for each immediate host:
- URL: The tested URL
- URL IP: IP address of the URL tested
- Load Count: The number of times the URL was repeated
- Response Code: The HTTP response code for successful or failed requests
- DNS Time: The time it took client to contact DNS server
- Connect Time: The time it took browser to connect to the server
- Full Page Time: The time it took the browser to load the entire web page and all its assets, such as images, scripts, etc.