Does VZEN store policies? Also is it possible to take packet capture on VZEN?

Hi Team,
I have two different questions about VZEN:
1.Does VZEN store policies? i.e means vzen doesn’t need to contact zscaler each time to compare each url against zscaler policies.

2.Is it possible to take packet capture on VZEN ?

Does VZEN store policies?

All ZEN’s cache policies, the behaviour is the same for VZEN / PZEN / Service Edge / Cloud ZEN. It’s actually really neat how it work:

  1. A user first connected via any ZEN
  2. ZEN detectives users policy from the Central Authority (CA)
  3. Policy is enforced and security applies for every subsequent transactions
  4. If the user policy changes, the ZEN is notified, and on the next traffic the user policy is refreshed.
    *This last point is why you see near zero propagation delay when implementing a policy change.

Is it possible to take packet capture on VZEN

Yes, we have PCAP and a bunch of trace/debug tools. It’s best to work with our support when needing to leverage such advanced features as they are trained on the nuances of the command sets, and what to use / do in different scenarios.

Hope that helps,
@skottieb