Netify have released our 2024 SD-WAN comparison blog article

Cato SD-WAN Netify Review

Sector, Company Type, and Location:Manufacturing  |  Healthcare  |  Retail  |  Financial Services  |  Vendor  |  Europe  |  Asia  |  Australia  |  Middle East  |  UK  |  North America  |  South America
Tags & Search Filters:SD WAN  |  XDR  |  CASB  |  ZTNAand 11 more tags  |  Co-managed SD WAN services  |  Internet leased line  |  SASE Cybersecurity  |  Managed SD WAN services  |  MDR  |  FWaaS  |  SWG  |  Endpoint protection  |  SIEM  |  Security service edge  |  Global private backbone

Cato's SASE has been named a Challenger within the Gartner Magic Quadrant and named a leader by Forrester. Cloud integrates SD-WAN features with SASE components. The Cato capability offers SD-WAN and SASE solutions via Cato Sockets and Cato Cloud. Cato Sockets (SD-WAN devices) integrate datacenter into Cato Cloud, which is a cloud-native platform designed to merge network security with global connectivity. Cato are typically associated with mid-market, global companies that require co-managed SD-WAN and SASE. Cato has shown a commitment to evolving their services across advanced security and AI-driven network management enhancements.


Zscaler SASE Solution: Comparisons, Review, Benefits, Use Cases, Pros & Cons

Author: Netify Research Team

If you have questions about Zscaler and how their capability is aligned to your needs, email the Netify research team. UK: North America:

(Please use the UK email for ROW - Rest of the World - questions or inquiries)

Resources and Downloadable Content

Request the very latest Zscaler SASE sales PDF directly from your local account team. Please check your junk folder if not received.

Complete your details to arrange a demo of Zscaler. You will receive contact requesting available dates and times - please check your junk folder if not received.

Request your local in-country sales contact. You will receive details as soon as possible - please check your junk folder if not received.


Netify Review

Zscaler offers a granular and comprehensive cloud-delivered SASE security solution with added security services and a cloud-based security stack. The offering is an option for clients with large multinational corporations who require SASE or granular security to secure their SD WAN network. The company also have solid solutions for remote users, as they leverage their cloud capabilities to offer clients remote access via their Work-From-Anywhere solution (see, How does Zscaler support remote users?). Enterprises looking to secure their distributed mobile workforce or SD WAN transformation, moving applications to AWS or Azure and Office 365, may find Zscaler’s offering valuable in these use cases. User reviews are generally mostly positive, with conflicting reports of ease of use. Due to the complex, granular nature of the service, it is strongly advised that only large multinational enterprises are typically suited to this solution. Any customer looking to implement Zscaler's solution should ensure that the IT teams responsible for the management of the service have sufficient resources and are experienced with this type of solution to provide a positive outcome.

However, caution is advised due to Zscaler’s large number of service provider and integrator partners and a wide range of SD WAN vendor partners. IT managers will have to choose an SD WAN solution to go with Zscaler SASE, then a service provider or integrator to provide most overlay services. Choosing can be a complex task, but it can be simplified using the Netify comparison tool - give it a try here

Marketplace Assistance

Are you an IT decision maker building your own SD WAN or SASE Cybersecurity shortlist?

Take our 90 second assessment quiz to find out which top 3 vendors or managed providers are a match for your answers.


About Zscaler

Zscaler is a cloud-based information security company founded in 2008, with its headquarters in San Jose, California, United States. The company provides 150+ data centres and customers in 185 countries worldwide, as well as cloud-based security products, including SASE and a cloud-based security stack. They also hold a high Net Promoter Score of 76 for customer satisfaction. In 2022 Zscaler acquired the software development firm ShiftRight whose primary focus is closed-loop security workflow automation. This acquisition enables Zscaler to integrate ShiftRight’s workflow automation technology into the Zscaler Zero Trust Exchange™ cloud security platform.

Pros & Cons

What are the pros and cons of Zscaler SASE Cybersecurity?

List of the pros and cons associated with Zscaler SASE security.


  • Zscaler provides native security within major cloud providers such as AWS or Azure.
  • Strong remote access offering leverages cloud capabilities and can secure Bring Your Own Device (BYOD) devices and corporate managed, regardless of location.
  • Customer reviews are overwhelmingly positive for Zscaler’s secure internet access and support for remote workers. Users point to a robust and powerful solution which is simple to deploy and has strong integrations.


  • Wide range of service providers and integrator partners to choose from - some clients may need help selecting a partner that suits their business needs.
  • Enterprise-grade SASE solution, which makes Zscaler unsuitable for SMEs.
  • Customer reviews indicate that reporting could be improved, with high licensing costs, time-consuming updates, and difficulties with implementation and management due to the solution's complex nature.

Comparison: Zscaler vs Crowdstrike vs Palo Alto vs Citrix SD WAN & security

Consider the points below to compare Zscaler vs Crowdstrike vs Palo Alto vs Citrix SD WAN and SASE security.


  • Zscaler is suitable for large multinational corporations requiring a granular SASE solution. 
  • Operates 150 data centres worldwide. 
  • Provides native security to nine major cloud providers, including Azure, AWS and Google Cloud. 


  • CrowdStrike is a suitable choice for clients looking for a granular security stack.
  • Provides security for data centres
  • Offers security for cloud vendors AWS, Azure and Google Cloud. 

Palo Alto Networks

  • Suitable choice for large global enterprises looking for integrated SD WAN and SASE. 
  • Provides security for data residing in data centres
  • Offers cloud security for Azure, AWS and Google Cloud.


  • Suitable for clients requiring a comprehensive and cloud-based SD WAN and SASE solution. 
  • Citrix offers data centre modernization services. 
  • Provides a hybrid cloud environment with access to AWS, Azure and Google Cloud. 

Similar Vendors

Top 3 similar SASE Vendors

Click the service provider logo to find out more about each respective SASE solution.

Products & Services

What are Zscaler's Solutions?

Zscaler offers comprehensive, secure solutions that can be integrated with SASE or work as a separate security stack. 

  • Zscaler Internet Access: A cloud-delivered security stack as a service designed to protect mobile remote users and connect to cloud applications; however, it can also provide security for branch offices and HQ/IoT. The service includes the following: URL filtering, CASB, cloud firewall/IPS, DLP, CSPM, sandboxing, browser isolation and complete SSL visibility.
  • Zscaler Private Access (ZPA): Provides ZTNA for private applications, offering seamless zero-trust access to private applications running from within the data centre or out of the public cloud. Customers can connect to applications via inside-out connectivity instead of extending the network to them by preventing applications from being exposed to the internet, making them completely invisible to unauthorized owners. The ZTNA approach supports both managed and unmanaged devices and any private application. 
  • Zscaler Business to Business: Designed to provide a consumer-like experience without putting businesses at risk. The service is delivered from the cloud and provides business customers with secure access to applications via the internet, regardless of whether they are hosted in private or public clouds or the data centre. Based on service-initiated ZTNA architecture, the product uses business policies to securely connect an authenticated customer to an authorized application - avoiding the need to expose the application to the internet. This brings the cloud closer to customer access to eliminate the complexity of legacy networks.
  • Zscaler Cloud Protection: A service to ensure that cloud applications are correctly configured. This product consists of four solutions combined into one service: secure app-to-app communications, secure workload configurations, eliminate lateral threat movement and secure access to cloud applications, each of which helps to reduce the risk of security breaches due to misconfigured cloud applications. The service also includes Zscaler Zero Trust Exchange, Zscaler Workload Posture, Zscaler Workload Communications, Zscaler Private Access and Zscaler Zero Trust Exchange, and Workload Segmentation.
  • Zscaler Digital Experience: Resolves user experience issues by analyzing and troubleshooting. The cloud-based service provides endpoint monitoring, cloud path analytics, digital experience store and application monitoring. Fast deployment is offered by instrumentation that begins at the Zscaler Client Connector, and the entire service can be integrated on top of the Zscaler Zero Trust Exchange.
  • Zero Trust Exchange: Clients can enable fast and secure connections that allow employees to work from anywhere by leveraging the internet as a corporate network, using Zscaler’s zero trust network architecture, with policy enforcement and context-based identity. Makes use of the Zero Trust Exchange, which operates 150 data centres worldwide, ensuring a fast connection by keeping users close to the service. Also offers colocation with cloud providers and applications that users are accessing (for example, AWS or Microsoft 365), which guarantees that the shortest path between users and destinations will be used.
  • Zscaler Client Connector: Formerly known as Zscaler App, the Zscaler Client Connector supports remote workers by connecting workforces to business applications from any device or location. The application sits at the endpoint device and enables business workforces to connect remotely, regardless of what application is being accessed or the device being used. Complies with BYOD, RF Scanner, POS System, corporate-managed or RF scanner, sending traffic to the nearest Zscaler service Edge, determining if a user is looking to access a SaaS application, internal application, data centre, a public or private cloud or the open internet. User traffic can also be auto-routed via the correct Zero Trust Service, which includes Zscaler Internet Access for SaaS and secure internet access or Zscaler Private Access for fast access to internal applications. Visibility insights are also available with the Zscaler Digital Experience.
  • Privacy and Compliance: Zscaler compliance enablers ensure that products adhere to government and commercial standards. They focus on regulations such as ISO 27001, ISO 27701, SOC 2 and Fed Ramp. Global Commercial Certifications are ISO 27001, ISO 27701, ISO 27018, ISO 27017, SOC 2, SOC 3, CSA - Star and Sensitive Data Handling Assessment. Global Government Certifications include GDPR, Fed Ramp, FIPS 140 - 2, IRAP, ITAR, CJIS, VPAT/Section 508, NCSC Certificate, TIC 3.0 vendor overlay, NIST 800-63C, PIPEDA, APPI, CCPA and the Australian and New Zealand Data Privacy Shield. There are also several white papers and attestations that Zscaler complies with, such as HIPAA, PCI DSS, APRA and the Modern Slavery Act.
  • Secure SD WAN Solution: Zscaler offer clients SD WAN security, working with vendor partners Silver Peak, Cisco Viptela, Velo Cloud and more (see, Which service providers and partners support Zscaler?). Using Zscaler security, clients can enable secure internet breakouts without the issues commonly associated with legacy products. Because it is cloud-delivered and leverages software-defined policies to route traffic, the solution simplifies branch office functions and supports remote users.

What is the Zscaler SASE security solution?

Zscaler offers a granular and comprehensive SASE security solution, which they call their Cloud Security Platform. The solution is globally available, ensuring high performance for users worldwide by peering with hundreds of partners in significant internet exchanges worldwide - delivered across 150 data centres worldwide. 

The SASE offering includes native multi-tenant cloud architecture for dynamic scalability on-demand and a proxy-based architecture that inspects encrypted traffic at scale. It also brings security and policy close to the user to eliminate unnecessary backhaul, with ZTNA and a zero attack surface which avoids exposing your source networks and identities to the internet, preventing targeted attacks. 

The Zscaler SASE solution can be deployed and managed as a cloud-delivered and automated service. It provides low latency and optimal bandwidth by bringing the user closer to security and policy across 150+ locations, with security being built into the fabric of the platform to ensure that all connections are secured and inspected. 

SASE Features: 

  • SSL Inspection: SSL inspection will locate and analyze SSL-encrypted internet traffic communications between the server and users.
  • Bandwidth Control: Allows clients to prioritize business-critical applications over other traffic- for example, users may prioritize Office 365 over YouTube.
  • Advanced Threat Protection: Constantly protects against zero-day threats, unknown malware and ransomware by analyzing all user packets, both on and off-network. Also capable of inspecting SSL.
  • Machine Learning Security: Cloud-scale machine learning to protect against security threats. Designed to react to phishing, ransomware and malware attacks quickly by identifying threat patterns across volumes of data to block advanced threats without the need for human interaction.

What ZTNA (Zero Trust Network Access) Solution is Supported by Zscaler?

Zscaler provides cloud-delivered ZTNA, which creates secure connections between users and applications, regardless of location. It allows users to verify identities, improve and adapt visibility and set contextual policies.

What CASB (Cloud Access Security Broker) Solution is Supported by Zscaler?

Provides security for PaaS, IaaS offerings and SaaS applications. Real-time visibility and the ability to control access and user activity across sanctioned and unsanctioned applications are also provided. Also includes inline data protection capabilities to eliminate overlay architectures and proxy-chaining, which have the potential to break SWG implementations. Out-of-band data protection (data at rest) capabilities leverage API integrations to look inside IaaS offerings and SaaS applications - for example, AWS S3, to identify exposed or sensitive data and compliance violations.

What SWG (Secure Web Gateway) Solution is Supported by Zscaler?

A cloud-delivered secure web gateway, preventing users from accessing potentially malicious web traffic from the internet and in the cloud itself.

What FWaaS (Firewall as a Service) Solution is Supported by Zscaler?

The Zscaler Cloud Firewall is designed to replace legacy firewall technology. The solution enables users to secure off-network connections and local internet breakout for all user traffic without appliances. The firewall is scaleable across all ports and protocols for all cloud application traffic - can also be used in remote locations and branch offices.

What NDR (Network Detection and Response) Solution is Supported by Zscaler?

Zscaler offers NDR solutions via its partnership with Vectra. The hybrid product combines Vectra Network Detection and Response with the Zscaler Zero Trust platform and enables users to identify and remove security threats early on in the kill chain. This allows for improved network performance, as applications remain accessible whilst security threats are removed before they become a significant problem. 

What XDR (Extended Detection and Response) Solution is Supported by Zscaler?

Zscaler offers integrated XDR services provided by their technology partners SecBI and Secureworks. The SecBI solution leverages machine learning to identify malicious behaviour, collect it and use related stored data to remove the threat. Secureworks XDR collects and analyzes data and provides an alert should anything suspicious be found.


Funding Rounds

Cloud Vendors

How does Zscaler deliver cloud security?

Zscaler can access cloud vendors via Zscaler Internet Access for SaaS applications and open internet. Vendors can also be accessed through Zscaler Private Access for secure access to internal applications in auxiliary storage or data centres without a VPN or network access. 

  • AWS: Zscaler is an AWS Advanced Technology Partner and Certified Cloud Practitioner. Utilizingapplication segmentation, zero trust access policies, and one-time login provide a single service, secure access and visibility into applications on AWS or hybrid IT environments. 
  • Microsoft: Zscaler is a Microsoft Azure partner, a certified networking partner for Office 365 and integrations available via the Azure marketplace. Zscaler can access over 20 globally peered Microsoft Cloud data centers to provide secure access to private applications on Azure. Shadow IT and cloud applications can be controlled on or off the network, and the Zscaler client can be deployed onto Intune-managed iOS devices. 
  • Google: Zscaler is a Google Cloud Security Infrastructure Partner. Google Cloud tools enhance Zscaler security services. 

Zscaler offers a wide range of cloud-based security technologies. These include: 

  • Cloud Configuration Security/Cloud Security Posture Management (CSPM): Protects access routes to SaaS applications, Azure, Google Cloud Platform and AWS. It reduces risk by remediating misconfigurations in SaaS, PaaS and IaaS applications whilst maintaining a good security posture. The solution covers 2,700 pre-built policies mapped across 16 standards, which include CIS benchmarks, SOC2, NIST, PCI DSS and AWS best security practices. The product is part of the cloud-delivered data protection capabilities in the Zscaler Zero Trust Exchange.
  • Cloud Identity And Entitlement (CIEM): Allows clients to control access to all resources, clouds, identities and APIs. Provides zero disruption to DevOps teams. A component of the Zscaler Cloud Protection solution.
  • Cloud Data Loss Prevention (DLP): Protects sensitive data in all cloud channels, including confidential, health and personal data. Leverages advanced features such as machine learning, Exact Data Match (EDM) and Indexed Document Matching (IDM). Works with office and remote workers.
  • Cloud Browser Isolation: Isolates users and endpoints from active content to protect from zero-day vulnerabilities, unsanctioned plug-ins, ransomware, data theft and more.
  • Cloud Sandbox: Designed to prevent patient-zero attacks, including automated quarantine of high-risk unknown threats and instant verdicts for common file types. This service is integrated with the Zscaler cloud-native security platform.
  • Cloud IPS: Zscaler Cloud IPS is delivered from the cloud, which allows it to provide security for all users in an office, or in remote locations. Protects from botnets, zero days and advanced threats and provides contextual information about the application, threat and user - delivered as a service.
Cloud Access

Cloud Access

Amazon Web Services40
Microsoft Azure40
Google Cloud20
Remote Users

How does Zscaler support remote users?

Zscaler Work-From-Anywhere supports remote users by providing secure access to all applications, with cloud identity access management, data protection, visibility and troubleshooting and cyber threat protection. Remote users still get fast and direct access to applications such as Microsoft 365 or Zoom and can use "Bring-Your-Own" devices. The solution leverages Zscaler SASE cloud-native services architecture.

Managed, co-managed & DIY services

What is the Zscaler managed, co-managed and DIY services solution?

Zscaler’s security cloud is a managed solution that includes cloud intelligence, native SSL inspection, real-time threat correlation, and over 60 industry threat feeds. Zscaler’s ThreatlabZ security research team offers security advisories and tools, highlighting vulnerabilities and providing free browser plug-ins to negate threats. This managed service solution, as well as many others, is available from one of Zscaler’s managed service provider partners.


What Reporting and Management is available via the Zscaler Portal?

SD WAN/SASE reporting and management is available via the third-party provider portal. Zscaler does offer, however, the Zscaler Digital Experience. This cloud-based service provides CloudPath Analytics, Digital Experience Scores, and Application and Endpoint Monitoring. These services are provisioned via a unified dashboard to enable efficient troubleshooting and resolution of connectivity issues at the user end.

Points of presence

Number of PoPs

Check Point100
Service Level Agreement

What is the Zscaler SLA?

Below is a table displaying the main focus points of the Zscaler Service Level Agreement (SLA). 

Zscaler Support



Premium Plus

Access 24x7x365

Phone / Web Portal / Admin UI

Online Training, User Guides, Articles 

Support Experience Levels 

Level 1 Engineer (Pool)

Level 2 Engineer (Pool)

TAM (Designated liaison - business hours)

TAM Engagement 



Consulting, troubleshooting, and weekly operational review 

SLA Goals 

P1 Response

2 hrs

30 min

15 min

P2 Response

4 hrs

1 hrs

30 min

P3 Response

12 hrs

3 hrs

2 hrs 

P4 Response

48 hrs

4 hrs 

4 hrs 

Zscaler support tiers (Zscaler, 2020.) See more at:

Frequently Asked Questions
Zscaler Service Providers (Global)
Zscaler Service Providers (Regional)
Zscaler System Integrators
Zscaler Technology Alliances
Zscaler Technology Alliances (Cloud)
Zscaler Technology Alliances (Data)
Zscaler Technology Alliances (Endpoint)
Zscaler Technology Alliances (Network)
Zscaler Technology Alliances (Identity)
Zscaler Technology Alliances (Operations)
Ask a question

Send your local contact from Zscaler a message, this form will reach Zscaler directly.

Contact Zscaler
Complete the form to get in touch with a representative from Zscaler.

Download the the complete guide to 10 SD WAN solutions.

The most comprehensive top 10 guide we have ever created.

Similar Companies

There are no results matching your selection.


Deployment Region

North America37%
Europe, Middle East and Africa22%
Latin America11%
Proposition Focus

Proposition Focus


Industry Coverage


Other Focus

Remote users4
List your business

List your business with Netify Learn More →


Geographic Focus


Please complete the form to ask a question or send a message directly to Cato Networks. Netify have carefully curated global sales contacts based on your IP location. If you do not receive contact, please check your junk folder.

Book a demo of the Cato Networks SD WAN and SASE security capability over Zoom or Teams. Learn about their management portal, deployment, SLA and support. You will receive an email asking for times/dates, please check your junk folder if not received.

A Netify Vendor Briefing is a 30 minute Zoom research session for IT decision makers, and an opportunity to learn about the vendors products, services and business strategies specifically or a related technology or market. We'll also discuss their competitors and which other solutions your business should consider. If you do not receive contact, please check your junk folder.

Netify is the first dedicated global SD WAN & SASE comparison marketplace.

List Your Business