5.2 Release Update Summary
This release features improvements to the admin portal, enhancements to CASB, the Zscaler firewall, End User Notifications, and other features.
Zscaler will be upgrading its production clouds with the 5.2 release during the months of June and July, 2016. Zscaler will email a notification to the registered support contacts approximately two weeks before your cloud is upgraded. To see scheduled maintenance updates for your cloud, visit the trust portal.
The upgrade may affect your Zscaler service configured settings. Please note the following:
- Zscaler has redesigned the End User Notification (EUN) templates. If you have existing EUNs that display your company logo, you may want to upload a logo with a transparent background, because the change may affect the appearance of the EUNs. If you customized the appearance of the EUNs with CSS styles, Zscaler recommends that you check how the CSS styles may affect the new EUNs. See Enhanced End User Notifications for more information.
Discontinuing Support for Adobe Flash Cookies
In our continuing effort to provide the highest level of security to our users, Zscaler is discontinuing its use of Adobe Flash cookies on its authentication pages and pre-provisioned cookies as an authentication mechanism. This is due to security concerns around the vulnerabilities of Adobe Flash cookies. For more information, see Ending Support for Adobe Flash Cookies.
New Authentication Page
The authentication page to the Zscaler service has been redesigned. See below to see an example of the previous authentication page, followed by an example of the new authentication page.
Previous Authentication Page
Dashboard and Reporting Features
Enhanced Dashboard Customization
The dashboards have been enhanced to make it easier for you to customize. Before this release, customizing the dashboards required visiting another page to change the title of the dashboard, create, edit, and delete widgets, and resize and move the widgets. You can now make all of these changes directly on the dashboard. If you create, resize, or move a widget, adjacent widgets automatically move to prevent overlapping.
CloudLock and CipherCloud
The Zscaler Cloud Applications Dashboard features a widget, Cloud Application Trend, which displays all the cloud apps used by your organization. In addition to our partnership with Skyhigh, Zscaler has partnered with CloudLock and CipherCloud to provide a risk profile for each application. Starting with this release, you can point to a cloud app in the widget and view the risk score provided by all three.
Excluding Location Filter
You can now exclude locations from all user-related reports in the Dashboard, Interactive Reports, and the Executive Report. Before this release, you could only exclude locations from user reports
Admin Portal Enhancements
All fields in the Policy and Administration tabs now provide tooltips so users can quickly get the information they need, without leaving the portal.
You can now view the Zscaler recommendations for each policy by clicking Recommended Policy, as shown below.
End User Subscription Agreement (EUSA) Notification
You can now access the EUSA from the admin portal if your account is in the “Agreement Pending” state. When your account has this status, the notification will appear at the top of the admin portal as a reminder to accept the EUSA. You can click the notification to see and accept the EUSA.
The user icon now displays your company name in addition to your username when you hover over it.
Enhanced End User Notifications
Zscaler has enhanced the end user notifications (EUNs). Note that the steps to configure notifications have not changed, and you can still customize your EUNs. See below to see an example of the previous EUN template, followed by an example of the new EUN template.
Previous EUN Template
Next Generation Firewall Enhancements
Outbound Firewall Improvements
The Zscaler firewall has been enhanced as follows:
- The Zscaler service now provides the ability to redirect outbound HTTP, HTTPS, FTP and DNS traffic that is destined to a non-standard port and that does not match any predefined network service to the web engine for inspection. For example, if HTTP traffic is destined to a server on a non-standard port, Zscaler redirects the traffic to the web proxy engine even if the port is not configured in an HTTP predefined services group. New deployments will have these options enabled by default. Organizations with existing firewall subscriptions that are upgrading to this release will have to enable these options.
- You can now create network services with overlapping ports for the same protocols and add these network services to the firewall control policy. For example, FTP on port 21 is a standard network service. A custom network service that includes port 21 can now be defined.
Support for RTF files in ABA
The Advanced Behavioral Analysis feature has been enhanced to support Rich Text Format (RTF) file types. If you have an Advanced Behavioral Analysis subscription, you can now select RTF file types when adding rules to your Behavioral Analysis policy.
Improvements in Surrogate IP
The Surrogate IP feature has been enhanced to provide more stable user-to-IP mappings, regardless of events in the Zscaler cloud. In earlier releases, some events may have intermittently disrupted the mappings.