More Related Content
Similar to Product_Engineer_Zscaler
Similar to Product_Engineer_Zscaler (20)
Product_Engineer_Zscaler
- 1. About Zscaler Inc.
Zscalerisan exciting,high-growthtechnologycompany.
Zscaler’sSecurityCloudisacomprehensive,carrier-grade internetsecurityandcompliance platform
runninginmore than 100 data centersdistributedaroundthe globe. Zscaleractsas a seriesof
checkpostsinbetweenyourorganizationandthe publicinternet,scanningall incomingandoutgoing
trafficbetweenanydevice,anywhere inthe world,andthe internettoidentifyandblockpotential
threatsand to protectyour intellectualproperty.
Zscalerscan's all trafficcomingon port80/443.
Traffic forwarding and Authenticationmethodinvolvesas below:-
--->Traffic forwardingMethods:-
ExplicitProxy to Zscaler.
1)Manual proxy
2)PACfile-Proxyautoconfigurationscript.
Transparent Proxyto Zscaler.
1)GRE tunnel tozscalerDC.
2)IPSECVPN tunnel toZscalerDC.
3)Port forwardingandproxychaining.
- 2. --->AuthenticationMethodsare as following:-
1)HostedDB,where DBishostedon Zscalerend.
2)SAML-Simple AssertionMarkuplanguage withServiceidentitySAML,IdentitybasedSAMLwhichis
implementedonWindowsADFSServer1.0and 2.0.
3)LDAP-Lightweightdirectory accessprotocol forthe OrganizationalreadyusingLDAPandwantto
have it's usersprovisionedandAuthenticate onZscaler.
4)Active DirectoryMechanismforthe Organizationusersalreadyhave aDirectoryserverandwantto
provisionUsersonZscaler.
My role as CloudSecurityProductEngineerare asbelow:-
• Provide trainingsonZscalerAdminUI.
• Workingon WiresharkforPacketcaptures(ClientandServerside) forissue reportedbasedon
Errors,slowness,latency.
• Workingon ftpoverhttp traffic.
• TroubleshootingonZEN Nodes/ZEN DC's.
• CheckingHealthof SMCA and ZEN serversthrough Nagiosmonitoringtool.
• ProvidingSME'sreportsbasedon CPU usagesandBandwidthoverthe Time toClientsand
partners.
• ProvidingUSERcount,Trafficgrowthreportoverquarterto Accountmanager.
• SSL interceptionforhttpstrafficthroughzscaler.
• ProvisioningIPof LocationforZscalerCustomersonmultiple ZscalerCloud.
• TroubleshootingonURL Policybasedinvolves(URLfilteringpolicyandCloudAppcontrol policy-
WEB-2.0) issuesforlocationanduserbasedtrafficforwarding.
• ProvisioningandConfiguringthe GRETunnel andZ-VPN Nodestothe customersbasedonGEO-
IP provided.
• Re-Categorizationof URL'sand domains,investigatingfromVirustotal,Mcafee,bluecoatDB.
• ReportingMalware threat,AdwareSpyware,Botnetcall backstoour Securityresearchteamfor
investigation.
• Analyzingof Behavioranalysisof variousfile types.
• GEO IP overide forthe PublicIPAddressesforclientstoconnecttoZscalerDC’s.
• ExplainingZscalerApp,eZAgentanditsfeatures. WorkingonpostgressDBfortroubleshooting.
• TroubleshootingonGRE tunnelsandIPSECVPN'stakingof clientcapturesandinvestigatingof
trafficwithIPSECand GRE headers.