Zscaler ZPA

Version: Zscaler ZPA.

The Zscaler Private Access (ZPA) is a cloud service that permits organizations to provide access to internal applications and services while ensuring the security of their networks.

Netsurion's Open XDR platform monitors events from Zscaler ZPA. Its dashboard, alerts and reports will help you to track authentication activities of user and connectors, user activity and status and browser activity to keep you informed about the system and its activities. It will trigger alert whenever any authentication failure is detected to tackle security issues.

Netsurion Data Source Integration for Zscaler ZPA allows you to monitor the following components.

  • Security - User Authentication Failure
  • Operation - Browser activity, User activity and Connector status
  • Compliance - User Status

After the AS/400 is configured to deliver events to the Netsurion's Open XDR platform, the dashboards and reports can be configured into Netsurion's Open XDR platform.

Some of the Data Source Integrations available in Netsurion are listed below.

Alerts

Type Name Description
Security Zscaler ZPA - User Authentication Failure This alert is generated when user authentication failure is detected.
Security Zscaler ZPA - Connector Authentication Failure This alert is generated when any authentication failure of connector is detected.

Reports

Type Name Description
Operations Zscaler ZPA - Browser Activity This report gives the information about the HTTP log information related to browser access. Reports contain User email, HTTP method, protocol, request size, response size, user agent, URL, client IP, port and other details used for investigation.
Operations Zscaler ZPA - User Activity This report gives information related to user activities performed in Zscaler ZPA. Reports contain connection status, IP address, port, application name, username, customer name and other fields which provides a detailed view of the user activity.
Operations Zscaler ZPA - Connector Status This report gives information about all the connector status of Zscaler ZPA about management, data forwarding and configuration update. Reports contain session type, status, session ID, connector name and IP of connector and other useful details for investigation.
Compliance Zscaler ZPA - User Status This report gives information about the user status connected to Zscaler ZPA. Reports contain IP address, username, email, session status as (connected, disconnected and authenticated) and other useful information.

Documentation

The configuration details are consistent with Netsurion's Open XDR platform version 9.2 or later, and Zscaler ZPA.

Download Integration Guide and How-to Guide for more information and to configuration instructions.

This site uses cookies to store information on your computer. Some are essential to make our site work; others help us improve the user experience. By using the site, you consent to the placement of these cookies. Read our Privacy Statement to learn more.

I Accept