hi, looking at the best way to control server internet access
was thinking pac file
we don’t currently have a ipsec tunnel from DC to ZScaler (though is planned)
we don’t have advanced firewall control
so some serves need some level of internet access, but not full, so no bbc , gmail etc
so trying to think of the best way,
or is the best way to have IPSEC tunnel to zscaler and have sublocations and control it there?