Presentation is loading. Please wait.

Presentation is loading. Please wait.

EZ – In Depth Manoj Apte VP Product Management July 2010.

Similar presentations


Presentation on theme: "EZ – In Depth Manoj Apte VP Product Management July 2010."— Presentation transcript:

1 EZ – In Depth Manoj Apte VP Product Management July 2010

2  EZ agent covers corner cases (< 10% users) by enforcing proxy settings at all times  Agent also aids with “captive portals” that require authentication prior to establishing internet access  Settings are disabled while network connection has not been established and reinforced upon connection Copyright (c) Zscaler CONFIDENTIAL2 Introducing EZ EZ Agent Enforced

3  Traditional vendors use a “thick” client for authentication and policy enforcement – increased IT burden  Client may conflict with VPN drivers and AV clients  Deployment is difficult because of the large file size  Zscaler service does not require a client  Traffic redirection via proxy settings  Authentication via patented cookies technology  In a small fraction of use cases such as road warriors without centralized provisioning these settings can not be enforced  Potential data leakage risks due to malicious employees  Compromise of remote corporate assets by malware, adware and spyware Copyright (c) Zscaler CONFIDENTIAL3 “Thick” Client Inefficiencies Road Warrior

4  Plug-in is lightweight (< 4MB) and easy to deploy compared to “thick” clients  Can be centrally provisioned and maintained via GPO or Web download  Tamper proof but provision to disable and uninstall for privileged users with a password Copyright (c) Zscaler CONFIDENTIAL4 EZ Benefits Password prompt if user tries to disable or uninstall the application

5  EZ_JUL15.ZIP  Contains all files for EZ Agent  EZAgentUserGuide.pdf  Complete description of EZ and installation guide Copyright (c) Zscaler CONFIDENTIAL5 EZ : Packaging

6 1.Unzip contents of the Zip file into some directory 2.Run Setup.BAT. Copyright (c) Zscaler CONFIDENTIAL6 Installing EZ with no customization

7 Windows Service that monitors tray process and restarts it if it is killed. Ensures Tamper Resistance Service Enforces Proxy Settings Bypass Proxy for Captive Portal Password based temporary disable for enforcement Tray Uninstall Password Temporary Disable Password Timeout for forcing proxy even if Service is not accessible Polling interval to retry Service in a captive portal Configuration File Settings Copyright (c) Zscaler CONFIDENTIAL7 EZ Components

8  Note: Proxy and PAC File settings are monitored for ALL types of Internet connections (LAN Settings is standard, but there may be modem internet connections as well)  PAC File  Checkbox for PAC file enforcement  URL for PAC File  Proxy  Checkbox for Set Proxy  Proxy address for each type of protocol  Proxy Exception List  Hide Tray Icon  Tray process is running in background, but tray icon is hidden.  Test Connection Host  Gateway Connectivity Test can be pointed to a private sub-cloud  Polling Interval in Seconds  Retry connection to Service every X Seconds after Proxy is disabled  Force Proxy Timeout in Seconds  If Service is unavailable, force proxy settings regardless of Service availability after polling for X Seconds (Tamper Resistance Feature)  Applications to kill  Example: Opera browser can be disallowed by configuring opera.exe in the kill list. A warning is given to the user from the tray icon Copyright (c) Zscaler CONFIDENTIAL8 Details of what Tray Sets and monitors

9 Copyright (c) Zscaler CONFIDENTIAL9 Sample Configuration file ConfigVersion = DebugLevel =0 DisablePassword =ZSCALER UninstallPassword =ZSCALER PollingIntervalInSeconds =30 ForceProxyTimeOutInSeconds =0 WatchdogLimitInSeconds =300 # Setting for IE redirect limit. Helps with IE 8 MaxHTTPRedirects =20 UseProxyServer =0 HTTPProxy =gateway.zscaler.net HTTPProxyPort =80 HTTPSProxy =gateway.zscaler.net HTTPSProxyPort =80 FTPProxy =gateway.zscaler.net FTPProxyPort =80 SOCKSProxy =gateway.zscaler.net SOCKSProxyPort =80 ProxyBypassIE =10.*;192.*;*.zscaler.org ProxyBypassMozilla =10.*,192.*,*.zscaler.org UsePacFile =1 PACFileURL =http://pac.zscaler.net/zscaler.net/proxy.pac HideTrayIcon =0

10  Unzip package into some directory. It contains:  Setup.bat, config.txt, config.dat, encrypt_cfg.exe and zInstaller.exe  Create custom config.txt and encrypt it :  encrypt_cfg.exe e config.txt config.dat  GPO based deployment:  Deploy Setup.BAT, zInstaller.exe, config.dat in some directory  Run SETUP.BAT  GPO based uninstall  Run Uinst000.exe in the directory where EZ was installed with  Uninst000.exe /PASS= /VERYSILENT  NOTE: All command line parameters are case sensitive Copyright (c) Zscaler CONFIDENTIAL10 Steps for GPO based install and uninstall

11  Loading a new configuration file:  Method 1 (with admin priviledge):  Copy new configuration file in ProgramData\RTServicemon (requires admin priviledge)  Right click on EZ agent and “Test Connection”  Method 2 (without admin priviledge):  Right click on EZ Agent “Load new configuration file”  Point to the new configuration file  Debugging  Set debug level to 10 and ask user to reload new configuration Copyright (c) Zscaler CONFIDENTIAL11 Other things…


Download ppt "EZ – In Depth Manoj Apte VP Product Management July 2010."

Similar presentations


Ads by Google