Understand what’s included in a SecureDynamics-delivered ZIA Essentials project and how we align with Zscaler’s best-practice deployment blueprint.
🧭 Overview
This article outlines the technical scope and configuration limits for a Zscaler Internet Access (ZIA) Essentials deployment delivered by SecureDynamics. This package supports full initial configuration, pilot testing, and guidance across authentication, traffic forwarding, and policy enforcement—completed within 15 business days.
SecureDynamics is a Zscaler Delivery Services Authorized Partner, offering certified engineers, rapid response times, and deep domain knowledge in Zscaler best practices.
🛠 Engagement Scope Summary
| Category | SecureDynamics ZIA Essentials Deployment |
|---|---|
| Product Scope | ZIA only (Zscaler Internet Access) |
| Delivery Model | Remote, hands-on |
| Engagement Duration | 15 business days from kickoff |
| User Rollout | Up to 500 users (Pilot + Production) |
| Project Management | ❌ Not included, but we take direction from your PM |
| Assigned Consultant | 1 Zscaler-certified engineer |
| Customer Responsibility | Provide authentication directory access, network architecture details, and user testing list |
✅ Configuration Scope – What’s Included
SecureDynamics will configure your ZIA environment using Zscaler's leading-practice blueprint. Included elements are:
| Configuration Element | Included |
|---|---|
| Authentication Integration | One SAML or SCIM IdP |
| Traffic Forwarding | PAC file or Zscaler Client Connector (Tunnel 1.0 or 2.0) |
| SSL Inspection Setup | Root CA install guidance + up to 5 bypass rules |
| URL Filtering Rules | Up to 10 rules |
| Cloud App Control | Up to 10 rules |
| Cloud Firewall Policies | Up to 10 Layer 3/4 rules |
| DNS Control Rules | Up to 3 rules |
| Sandbox Rules | Up to 3 rules |
| File Type Control Rules | Up to 2 rules |
| Client Connector Guidance | Installation and policy profile setup |
| Policy Templates | Based on Zscaler Essentials-tier best practices |
| Basic Reporting | Setup of 1 dashboard or scheduled report |
❌ What’s Not Included
SecureDynamics follows the same exclusions Zscaler outlines for Essentials-tier deployments. These include:
Advanced Security Feature Configuration
- DLP, Advanced Threat Protection (Layer 7 Firewall)
- Inline CASB policies (Granular cloud app policies)
- Advanced logging configurations
Complex Identity Federation or MFA Config
- Anything beyond standard SAML or SCIM directory integrations
Client Connector Customization
- Device posture profiles, Tunnel 2.0 routing customization
- Zero Trust workflows (ZTNA policy layering)
Custom Reporting & Dashboards
- Beyond standard dashboard or basic reporting
Third-Party Integration
- SD-WAN, EDR, SOAR/SIEM and other integrations are not included
Ongoing Support or Tuning
- Post-deployment policy tuning or operational support (unless separately scoped)
Deployment of Non-Essentials Tier Features
- If your tenant includes features from Business, Transformation, or other tiers, those are not configured as part of this engagement
💡 Need help beyond these limits? Ask us about upgrading to our Advanced deployment offering for full customization and rollout support.
📌 Additional Notes
- Essentials deployments must be completed within 15 business days of kickoff.
- Project management is not included, but your assigned engineer will work closely with your internal PM or lead.
- Any required changes to scope or configuration will be discussed with your team before implementation.
🔗 Helpful Links
🚀 Need a More Customized ZIA Deployment?
If your deployment includes:
- Advanced inspection or DLP requirements
- Enterprise SIEM/SOAR integrations
- Multi-region rollout or segmentation
- Posture-based access and Zero Trust enforcement
…consider upgrading to our Advanced deployment service tier.
🛡 Delivered by SecureDynamics – Zscaler’s most trusted and comprehensive partner.