Configuring Zscaler on SteelHead SD
This topic describes how to integrate Zscaler on SteelHead SD 2.0. It includes these sections:
Zscaler overview
Key features
SteelHead SD Restrictions
Basic steps
Zscaler overview
Zscaler is a cloud-based security provider that distributes components of a standard proxy to create a giant global network that acts as a single virtual proxy.
Zscaler cloud security solution is supported on SteelHead SD 570-SD, 770-SD, 3070-SD appliances and the SteelConnect SDI-2030 gateway. The configuration procedures are the same for SteelConnect gateway appliances. For details on Zscaler, see Zscaler overview in the SteelConnect Manager User Guide.
Key features
SteelHead SD supports these features:
Availability and management of ZEN lists.
Automatic selection of ZEN nodes based on latency, and the ability to select Zen nodes manually.
The ability to create two VPN tunnels per site to Zscaler that act as active and passive.
Failover based on IPsec dead per detection (DPD) method, which takes about 120 seconds.
Zscaler support for high availability deployments.
SteelHead SD Restrictions
Currently, Zscaler for SteelHead SDs has these restrictions:
Only tunnel status is reported.
You can’t enable traffic path rules for the Zscaler WAN.
Basic steps
Perform these basic steps to configure Zscaler. For details, see the SteelConnect Manager User Guide.
1. On SCM, enable Zscaler by selecting the Zscaler Cloud.
2. On SCM, select the ZEN lists either automatically or manually.
3. On Zscaler, download the VPN credentials and locations on the SCM Zscaler page.
4. Import the credentials in the Zscaler portal.
5. On the site, set the Zscaler WAN as the Internal breakout preference at the organization, site, or zone level.