Zscaler Web Security
  • 03 Mar 2024
  • 3 Minutes to read
  • Dark
    Light
  • PDF

Zscaler Web Security

  • Dark
    Light
  • PDF

Article Summary

Zscaler Web Security is a secure Internet and web gateway service that stops malware, advanced threats, phishing, browser exploits, malicious URLs, botnets, and more.

This adapter is compatible with Zscaler Internet Access (ZIA).


Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices
  • Users
  • SaaS Data

Parameters

  1. Zscaler Domain (required, default: admin.zscalerthree.net) - Specify the Zscaler cloud name that was provisioned for your organization. For example:

    • admin.zscalerbeta.net
    • admin.zscalerone.net
    • admin.zscalertwo.net
    • admin.zscaler.net
    • admin.zscloud.net
    • admin.zscalerdomain.net
    • mobileadmin.zscalerdomain.net
    • mobile.zscalerdomain.net

    For more details, see 'Retrieve your base URI and API key' section under Zscaler API - Getting Started.

    Note:

    Your organization may use a Zscaler domain for Single Sign On (SSO) that is different from the Base URL. This domain may need to be accounted for in firewall rule configurations to allow for a successful connection.

  2. User Name and Password (required) - The user name and password used to connect to Zscaler Web Security.

  3. API Key (required) – Your organization's API key. The API key is mandatory to fetch user data from Zscaler.
    For more details about adding a new API key, see Zscaler documentation - About API Key Management.

  4. Company ID (optional) - Enter the Company ID. This parameter is only required if the Fetch Zscaler Client Connector enrolled devices parameter is selected.

  5. Verify SSL - Select to verify the SSL certificate offered by the value supplied in Zscaler Domain. For more details, see SSL Trust & CA Settings.

  6. HTTPS Proxy (optional) - A proxy to use when connecting to the value supplied in Zscaler Domain.

To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

Zscaler_Web_Security


Advanced Settings

Note:

Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.

  1. Ignore duplicated MAC addresses
    • If enabled, all connections for this adapter will ignore MAC addresses that are associated with more than one device fetched from Zscaler.
    • If disabled, all connections for this adapter will fetch all MAC addresses from Zscaler.
  2. Fetch users (required, default: true) - Select whether to fetch users' data from Zscaler.
    • If enabled, all connection for this adapter will fetch users data. Each user will be added as a user asset in Axonius.
    • If disabled, all connection for this adapter will not fetch users data.
  3. Avoid hostnames duplications - Select this option to avoid returning duplicate hostname fetches.
  4. Fetch Zscaler Client Connector enrolled devices - Select to fetch enrolled devices from the Zscaler Client Connector.
Note:

When Fetch Zscaler Client Connector enrolled devices is selected, you must enter a value in the Company ID parameter.

  1. Enrich devices service status - Select this option to enrich device information with Service Status data.
  2. Add last used users information for duplicated devices - Select this option to add the last used users information for duplicated devices. This is only applicable only when “Avoid hostnames duplications” is used.
  3. Add Device Manufacturer Serial for Zscaler devices - Select this option to extract the device manufacturer serial number from the UDID and add it to the device.
  4. Discover Application Users (required, default: true) - By default this adapter fetches SaaS application users. Clear this option to not fetch SaaS application users.
  5. Include Linux devices - Select this option to include devices that have the Linux operating system on the device fetch.
Note:

For details on general advanced settings under the Adapter Configuration tab, see Adapter Advanced Settings.

Permissions

The following permissions are required for this adapter:
Functional Scope:

Under the 'Edit Administrator Role' setting:

  • Access Control
  • Policy and resource management
    • Zscaler Client Connector Portal
  • Traffic Forwarding
    • Zscaler Client Connector Devices
  • Authentication Configuration
    • User Management
  • Administrator's Access
    • View Only
  • Dashboard Access
    • View Only
  • Policy Access
    • View Only
  • Reporting Access
    • View Only
Note:

The value that you have in the Zscaler Domain parameter must be open in the firewall.



Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.