Managing a Zscaler POP

Create a POP for Zscaler

To create a Zscaler POP:

1. In the Orchestration Workspace, click Add Policy Orchestration Point. The Select Vendor side panel opens.
2. Click on the Zscaler logo to select ZPA.
3. In the General section:
   • Enter the Display Name. Note that this name must be unique within the Environment.
   • Enter the Description (optional).
4. In the Associated Workspaces section, use the down-arrow to access and select the Identity Workspace (required) and the Authorization Workspace (required) in which you want to manage the relevant objects discovered in the vendor tenant.
5. In the Connection Settings section, configure the values to connect the POP defined in the Platform to ZPA. The fields include:
   • Authentication Method (which is predefined as Client credentials for Zscaler POPs)
   • API Key
   • API Key Secret
   • Customer ID
   • Customer based URI (the URL to the third-party vendor)
6. Click Test Connection. This verifies that the Platform and ZPA are connected.
7. Click Create. The new POP appears in the list of Policy Orchestration Points and an initial discovery takes place.

This initial discovery discovers all of the access policies managed within ZPA, as well as the Application segments and the Application segment groups. The access policies will appear in the Authorization Workspace as Platform Policies.

When you click on a Policy, as with Policies created within the Platform, you can view the Policy in structured Rego (click Code), or as a visual representation of the Policy (click Map).

In addition, the Identity Workspace and the Authorization Workspaces are populated with the mapped objects and Policies discovered in ZPA.