Understand what’s included in a SecureDynamics-delivered ZIA Advanced deployment and how we support complex architectures, large-scale rollouts, and advanced security configurations aligned with Zscaler best practices.
🧭 Overview
This article outlines the technical scope and delivery capabilities for a Zscaler Internet Access (ZIA) Advanceddeployment delivered by SecureDynamics. Our Advanced deployments are fully remote, highly tailored, and designed to support enterprise-scale environments across multiple regions and user types.
As a Zscaler Delivery Services Authorized Partner, SecureDynamics provides expert-led deployments that go beyond standard PS offerings, enabling customers to design, deploy, and optimize ZIA in alignment with industry-leading Zero Trust architecture principles.
🛠 Engagement Scope Summary
| Category | SecureDynamics ZIA Advanced Deployment |
|---|---|
| Product Scope | ZIA only (Zscaler Internet Access) |
| Delivery Model | Remote, hands-on |
| Engagement Duration | Up to 40 business days from kickoff |
| User Rollout | Enterprise-wide (includes pilot + phased production rollout) |
| Project Management | ✅ Included |
| Assigned Team | Zscaler-certified engineer + dedicated Project Manager |
| Client Connector | Deployment support included |
| Customer Responsibility | Provide architecture inputs, test plan feedback, and pilot participants |
🔧 Technical Configuration Scope
Our ZIA Advanced engagements support flexible, scalable deployment design, including:
| Policy Type | Configuration Support |
|---|---|
| SSL Inspection | Unlimited rules + advanced exception handling |
| Cloud App Control | Custom policies, app groupings, and alerting |
| URL Filtering | Fine-tuned URL categories, custom URL lists |
| DLP | Custom dictionaries and inline CASB enforcement |
| Cloud Firewall | Advanced L3–L7 rule sets, geolocation, app control |
| DNS Control | Multi-policy structure, including threat feeds |
| Authentication | Integration with multiple IdPs, SAML, SCIM, Azure AD |
| PAC File | Custom PAC development, testing, and optimization |
| Reporting & Dashboards | Custom dashboards, alerting, and report scheduling |
| Threat Protection | Advanced sandboxing, file-type controls, IPS |
| Source IP Anchoring | Design and implementation (if purchased) |
📌 All configurations follow Zscaler’s Mission Critical Audit (ZMCA) criteria and include feedback from our Zscaler-certified architects.
📄 Key Deliverables
-
✅ High-Level Design Document (HLD)
-
✅ Low-Level Design Document (LLD)
-
✅ Final Zscaler Design Document
-
✅ Zscaler Mission Critical Audit (ZMCA)
-
✅ Pilot Test Plan & Execution
-
✅ Production Rollout Support
-
✅ Project Summary Report
-
✅ Handoff to Zscaler Support
❌ What’s Not Included
| Not Included | Explanation |
|---|---|
| ZPA or ZDX Support | Scope is strictly ZIA |
| SIEM/Log Streaming | Not included in standard delivery (ZIA only) |
| Hardware Config (e.g., SD-WAN devices) | Customer/partner-owned |
| TLS Chaining / Double Encryption | Out of scope unless specifically included |
| End-User Training | Optional add-on |
| On-Site Services | Remote only |
📌 Additional Notes
-
This is a time-bound, use-it-or-lose-it engagement
-
Mutually agreed-upon exceptions to the delivery timeline can apply, but we encourage customers to request any exceptions prior to purchase to ensure alignment and proper resourcing
-
Requires dedicated customer participation and test resource availability
-
Supports multi-region and multi-IdP environments
-
Designed for customers who require custom policies, long-term planning, and full-stack rollout support