Z-Tunnel 2.0 Application Bypass in App-Profile

Hi together,
I try to bypass some Microsoft Applications like ATP, Login, Update and some more.
After several tries with 2 Pac Files ( App/Fwd), I will try Destinations Exclusions or Application Bypass Fields in the App-Profile.
Is it possible to try more Application Bypasses then Microsoft Teams?
That is the only App I can select.
And is it possible to import Destination Exclusion Lists?
To set one Ip-Range after another is a long way

Regards
Thorsten

Hi Thorsten,

nope, AFAIK you cannot add any applications to the bypass list except the preconfigured ones by yourself. At least not yet. And for the time being the only app is “Microsoft Teams”.

Same for the configuration settings. But I heard Zscaler is working on some solution to import/export data. But that should be better answered by some of the Zscaler Employees here ;-).

BR
Manuel

Hi Manuel,
thanks for the response.
We have some Problems with MS ATP Defender and so on.
We have to bypass the URL´s. But URL after another in the VPN Bypass is not easy

Hm, we also have Microsoft Defender for Endpoint and Defender for Office 365 and only needed to configure SSL Inspection bypass for Certificate Pinning sites listed at Certificate Pinning and SSL Inspection | Zscaler and the particular Defender URLs here Configure device proxy and Internet connection settings | Microsoft Docs.

For Microsoft Updates we SSL -inspection-bypassed the default URL Category “Operating System and Software Updates”. Please also keep in mind some of the Microsoft Updates are “executables” and therefore get filtered if you have a general executable file download policy (“allow with caution” for all executables will kill the updates mechanism, see also Web Action in Insight Logs).

1 Like

Hi Manuel,
thanks a lot for your professional Answers. The Challenge for us was the
“pseudo requirements” from our Microsoft-Client Team to Bypass the ZScalerCloud for all Microsoft Services.
Do you use the One-Click M365 Bypass?
Is it possible, that you can tell me your Company?

Regards
Thorsten

Yes, we have the one-click-switch enabled. But that does not mean everything is working afterwards as one could expect… Will send you a PM.

+1 on the idea of being able to add applications to the application bypass menu for ZIA.

I have been scratching my head on how to configure one, and this thread made me realize that there is only one option today, Microsoft Teams.

I wonder whether the definitions of apps can be opened up to the public, so that people might be able to share app profiles.

Bye, Luca

1 Like