ZAPP & Server Security


I have rolled out ZAPP across to my users for each endpoint desktop/laptops. We are using a hosted PAC file, and I understand the ZAPP uses the hosted pack file.

For my servers which are based in multiple locations, is there a way to secure my servers? Do I install the ZAPP or do I via group policy apply a PAC file?

I would like some servers to access the internet and some not. Out servers sit behind a Cisco Firewall.

You could push PAC via GPO or use ZAPP (which afaik is not officially supported in windows servers), However Ideally you may want to forward traffic to Zscaler transparently via VPN on the local Firewall.

You should check this KB out.


It depend upon how plan to authenticate your server. In most cases Server wont have user id or email id to authenticate. Enforcing PAC via GPO and create sub-location for Server segment and bypass Authentication in that Sub-Loction might be easist way .

Ganesh Krishnan

1 Like