This article provides an overview of leveraging Zscaler captive portal with Cloudi-Fi in three different ways.
Leveraging Zscaler ZIA with Enhanced Authentication
For existing Zscaler customers, securing the guest network is usually secured by the tenant, but authentication is not done or done locally on the network. Consequently, all guests are not identified in Zscaler, and only one policy is applied to all traffic (daily guests, consultants, and BYOD). To leverage Zscaler ZIA, it is necessary to configure GRE/IPSEC redundant tunnels on the router/firewall/SD-WAN device.
Customizable Time and Duration Settings for Zscaler Security Policies
With the captive portal, guests can be profiled based on their authentication method. Different policies can be applied to daily guests, consultants, employees, and directory groups in Zscaler. Security policies, along with time and duration settings, can be configured for each profile.
Manage compliance for your captive portal deployed on Zscaler
In numerous countries, retaining Internet logs for a designated period and associating them with the respective users is mandatory. The correlation of authentication and Internet logs is required for government request processing, and all logs are securely hosted in the cloud.
By correlating authentication logs from Cloudi-Fi and pseudonymized Internet logs from Zscaler, administrators can utilize the Cloudi-Fi administration interface and the "Visits" menu for this purpose. Access to this menu should be restricted to a select few administrators with appropriate administration profiles.
Within this table, you will find an overview of four distinct configurations that offer various implications regarding setup and licensing.
|1. Deployment with a dedicated Zscaler Tenant
|2. Deployment with your existing Zscaler Tenant
|2.1. Full integration
|2.2. Only location integration
|2.3. Manual integration
|Deployment of a new site
|On demand to Cloudi-fi Support
For more information about our solutions integrated with Zscaler, including a how-to video and a comprehensive solution brief, please visit our partner page.