Understand what’s included in a SecureDynamics-delivered ZPA QuickStart project and how we align with Zscaler’s best-practice deployment blueprint.
🧭 Overview
This article outlines the technical scope and configuration limits for a Zscaler Private Access (ZPA) QuickStart deployment delivered by SecureDynamics. These engagements are delivered remotely and completed within 5 business days, helping customers onboard core ZPA services quickly using Zscaler’s recommended blueprints.
SecureDynamics is a Zscaler Delivery Services Authorized Partner, offering certified engineers, real-world deployment experience, and tailored support for each customer.
🛠 Engagement Scope Summary
| Category | SecureDynamics ZPA QuickStart Deployment |
|---|---|
| Product Scope | ZPA only (Zscaler Private Access) |
| Delivery Model | Remote, hands-on |
| Engagement Duration | 5 business days from kickoff |
| User Rollout | Support for up to 500 users |
| Project Management | ❌ Not included |
| Assigned Consultant | 1 Zscaler-certified engineer |
| Customer Responsibility | Provide app/server information, connector locations, and test user list |
🔧 Technical Configuration Limits (ZPA Build Phase)
SecureDynamics configures your ZPA environment using Zscaler’s leading-practice blueprint. The QuickStart package includes the following maximums:
| Configuration Element | Limit |
|---|---|
| Applications | Up to 5 apps |
| Segment Groups | Up to 5 groups |
| Server Groups | Up to 5 groups |
| Individual Servers | Up to 5 servers |
| Application Groups | Up to 5 app groups |
| App Connectors | Up to 3 App Connector instances |
| Browser Access | Setup for up to 5 apps (baseline configuration only) |
| Policy Templates | Based on Zscaler’s preconfigured best-practice blueprint |
💡 No need to count or track configuration items. If scope begins to exceed package limits, SecureDynamics will notify you before proceeding with additional items.
❌ What’s Not Included
| Not Included | Explanation |
|---|---|
| Browser Access Expansion | Beyond 5 apps or advanced tuning |
| Privileged Remote Access (PRA) | ❌ Not included |
| Cloud Connectors | ❌ Not configured under this scope |
| NanoLog Streaming Service / External Logging | ❌ Not included |
| Deception Capabilities | ❌ Not included |
| Double Encryption / TLS Chaining | ❌ Not supported in QuickStart |
| Double Hop Routing (ZPA-to-ZPA) | ❌ Not configured |
| Proxy Architecture Integration | ❌ Not included |
| Posture Checking / Device Posture Profiles | ❌ Not included |
📌 Additional Notes
- This engagement is fixed-scope and use-it-or-lose-it, with an expected completion within 5 business days.
- Customer responsiveness is essential to keeping the engagement on track.
- Deployment aligns with Zscaler's standard architecture for resilience and availability.
🔗 Helpful Links
🚀 Need a More Customized ZPA Deployment?
If your environment includes:
- Multiple environments or business units
- Zero Trust segmentation strategy
- Hybrid access models (e.g., PRA, SIPA, posture enforcement)
…consider upgrading to our Essentials or Advanced service tiers.
🛡 Delivered by SecureDynamics – Zscaler’s most trusted and comprehensive partner.
Increase your chances of success
- Our Zscaler Design Workshop AI Tool can, in many cases, serve as your entire Zscaler Solution Architect -- for free!
- Let our Learn Zscaler tool teach you like only an Zscaler Authorized Training Partner can -- also free!