ZPA Browser Access Made Easier - Introducing Zscaler Managed Certificates and Unified Portal

ZPA Browser Access provides clientless, browser-based secure access to private applications via the User Portal.  Our customers have successfully deployed it to enable zero trust access for third-party and BYOD users on unmanaged devices, all without the friction of VPN clients or VDI agents.

ZPA Browser Access has become a game-changer for our customers, providing seamless and secure access to private apps for third-party and BYOD users - no VPN or VDI required. It’s a core component for achieving zero trust for unmanaged device access.

But we're not stopping there. Your feedback is the engine of our innovation, and you've been clear about what you need next. You asked for:

1. Less Admin Work: Get rid of the headache of managing server certificates and publishing CNAME’s

2. Improving Security: Hide private application FQDNs from users.

3. A Better UX: Consolidate browser access and privileged remote access (PRA) portals into one simple interface for all browser-based access.

We heard you loud and clear. We're thrilled to deliver the solution with two powerful new capabilities: Zscaler Managed Certificates and a Unified User Portal.

These enhancements are purpose-built to deliver on your requests, making ZPA Browser Access more secure, easier to manage, and simpler to use than ever before.

From Hours to Clicks: Effortlessly publish apps for ZPA Browser Access

Manually creating certificates and configuring DNS records for each new application is a tedious, time-consuming task. Additionally, insecure or outdated certificates can expose applications to risk. It’s a common source of friction that slows down IT and increases cyber risk. 

ZPA now eliminates the operational burden of creating and managing certificates. ZPA customers benefit from industry-standard encryption without relying on manual processes that might inadvertently introduce vulnerabilities. We've automated the two most cumbersome steps:

• Zscaler-Managed Certificates: ZPA generates and manages the certificates for you, eliminating the need for manual creation, signing, and renewal.
• Automatic DNS Publishing: ZPA automatically publishes the required CNAME entries, so you no longer need to intervene with the DNS configuration. 

This means administrators can now securely publish private applications in a matter of clicks, not hours.

1. Select the app:

2. Choose “Managed” option

3. Hiding the application names from third-party users enhances the security posture through obscurity. Administrators can now hide private application name by adding the hash value instead of authentication domain in the dropdown field. 

Easily set-up User Portals with Zscaler managed certificates

User portals provide visibility to authorized applications for your organization's employees and partners. Now, Zscaler can manage the certificate for the user portal and privileged remote access portal as well. To do so, simply select the “Managed” option when creating the user portal.

Streamline user experience with a single portal to access Private Apps, SaaS and Web Apps, and privileged consoles

Now, end users can access authorized private applications, privileged consoles and permitted SaaS applications configured with data protection with Zero Trust Browser.

Customers that have both privileged consoles and applications configured for browser based access can easily merge the two portals in just a click. To do so, go into the privileged portals tab in privileged remote access menu item. Edit the portal and select the User Portals that are configured in the system under the User Portal for Portal Links> dropdown menu field.

Users that have access to both web apps and privileged consoles can now login to a single portal and toggle between privileged consoles and browser access apps.

Conclusion

The enhancements to ZPA Browser Access with Zscaler-managed certificates and unified portal represent a significant stride in enabling zero trust transformation for our customers. By automating the critical yet often cumbersome aspects of certificate management, organizations can confidently scale their private application offerings to BYOD and third-party users while maintaining strong security posture. And by combining portals for applications and privileged consoles, end-users enjoy a seamless access experience with fewer logins and minimized browser clutter, reducing friction and enhancing overall productivity.

To learn more about the solution watch this on-demand webinar with a live demo and hear from a customer on how they secured third-party access.