5.2 Release Update Summary

This release features improvements to the admin portal, enhancements to CASB, the Zscaler firewall, End User Notifications, and other features.

Zscaler will be upgrading its production clouds with the 5.2 release during the months of June and July, 2016. Zscaler will email a notification to the registered support contacts approximately two weeks before your cloud is upgraded. To see scheduled maintenance updates for your cloud, visit the trust portal.

Upgrade Recommendations

The upgrade may affect your Zscaler service configured settings. Please note the following:

  • Zscaler has redesigned the End User Notification (EUN) templates. If you have existing EUNs that display your company logo, you may want to upload a logo with a transparent background, because the change may affect the appearance of the EUNs. If you customized the appearance of the EUNs with CSS styles, Zscaler recommends that you check how the CSS styles may affect the new EUNs. See Enhanced End User Notifications for more information.

Discontinuing Support for Adobe Flash Cookies

In our continuing effort to provide the highest level of security to our users, Zscaler is discontinuing its use of Adobe Flash cookies on its authentication pages and pre-provisioned cookies as an authentication mechanism. This is due to security concerns around the vulnerabilities of Adobe Flash cookies. For more information, see Ending Support for Adobe Flash Cookies.

New Authentication Page

The authentication page to the Zscaler service has been redesigned. See below to see an example of the previous authentication page, followed by an example of the new authentication page.

Previous Authentication Page

New Authentication Page

New Authentication Page

Dashboard and Reporting Features

Enhanced Dashboard Customization

The dashboards have been enhanced to make it easier for you to customize. Before this release, customizing the dashboards required visiting another page to change the title of the dashboard, create, edit, and delete widgets, and resize and move the widgets. You can now make all of these changes directly on the dashboard. If you create, resize, or move a widget, adjacent widgets automatically move to prevent overlapping.

CloudLock and CipherCloud

The Zscaler Cloud Applications Dashboard features a widget, Cloud Application Trend, which displays all the cloud apps used by your organization. In addition to our partnership with Skyhigh, Zscaler has partnered with CloudLock and CipherCloud to provide a risk profile for each application. Starting with this release, you can point to a cloud app in the widget and view the risk score provided by all three.

CloudLock and CipherCloud

Excluding Location Filter

You can now exclude locations from all user-related reports in the Dashboard, Interactive Reports, and the Executive Report. Before this release, you could only exclude locations from user reports

Managing Administrators

Granular Functional Scope Control

You can now specify with more granularity which features of Authentication Configuration and Traffic Forwarding a role can access when specifying Functional Scopes in the Role Management page, as shown below.

Granular Functional Scope Control

Admin Portal Enhancements

Enhanced Tooltips

All fields in the Policy and Administration tabs now provide tooltips so users can quickly get the information they need, without leaving the portal.

Enhanced Tooltips

End User Subscription Agreement (EUSA) Notification

You can now access the EUSA from the admin portal if your account is in the “Agreement Pending” state. When your account has this status, the notification will appear at the top of the admin portal as a reminder to accept the EUSA. You can click the notification to see and accept the EUSA.

Company Name

The user icon now displays your company name in addition to your username when you hover over it.

Enhanced End User Notifications

Zscaler has enhanced the end user notifications (EUNs). Note that the steps to configure notifications have not changed, and you can still customize your EUNs. See below to see an example of the previous EUN template, followed by an example of the new EUN template.

Previous EUN Template

Enhanced End User Notifications

New EUN Template

Next Generation Firewall Enhancements

Outbound Firewall Improvements

The Zscaler firewall has been enhanced as follows:

  • The Zscaler service now provides the ability to redirect outbound HTTP, HTTPS, FTP and DNS traffic that is destined to a non-standard port and that does not match any predefined network service to the web engine for inspection. For example, if HTTP traffic is destined to a server on a non-standard port, Zscaler redirects the traffic to the web proxy engine even if the port is not configured in an HTTP predefined services group. New deployments will have these options enabled by default. Organizations with existing firewall subscriptions that are upgrading to this release will have to enable these options.  
  • You can now create network services with overlapping ports for the same protocols and add these network services to the firewall control policy. For example, FTP on port 21 is a standard network service. A custom network service that includes port 21 can now be defined.

Behavioral Analysis

Support for RTF files in ABA

The Advanced Behavioral Analysis feature has been enhanced to support Rich Text Format (RTF) file types. If you have an Advanced Behavioral Analysis subscription, you can now select RTF file types when adding rules to your Behavioral Analysis policy.

Authentication

Improvements in Surrogate IP

The Surrogate IP feature has been enhanced to provide more stable user-to-IP mappings, regardless of events in the Zscaler cloud. In earlier releases, some events may have  intermittently disrupted the mappings.