Can Zscaler allow for only register devices (Win iOS ..)?


I am Zscaler beginner, just starting PoC. My discussion as below.

Employee uses company corporate devices (laptop, mobile,…) and installed Zscaler app that can access company specific things. (so far so good)
But I would like to restrict the employee home computer or personal devices to use Company Zscaler environment that could be installing zscaler app and login to use company specific things.

For example, can we register MAC addresses as an enroll device in advance that we only want to allow for Zscaler mobile user. So unregistered device cannot use the environment even login credential is correct.

Or is there any other way UUID restriction in Zscaler to protect unauthorized device connection?


There is a bit of a speed bump in most scenarios. Unless you are not breaking SSL, and you should be breaking SSL, the personal device will not have the proper certificate. This will cause most websites to not load. A browser that doesn’t work will lead to a quick uninstall.

Also, how likely is it that your users are going to load this security product on their own device?


For ZPA, you’ll want to set up device posture profiles in the ZAPP portal:

For ZIA, I don’t think there’s an option, but I’m not sure why your user base would want to put ZApp on their personal devices and give up all of their privacy.