I am deploying ZScaler for the first time to a mixed windows environment. Some users are using intune and AzureAD, others are using on premise AD to authenticate their laptops but use AzureAD credentials for O365.
I can deploy to both which is great, both can use their AzureAD credentials too to sign in, which is great.
My issue is - My users can still use the internet without bothering to sign in to zScaler.
Can I block internet until the user has signed in? If not, im guessing the rollout to 1000 users would take a considerable time with lots of manual intervention. Why would end users bother to sign in without being pushed to?