Ensure secure access and protect critical business data with Zscaler Browser Isolation. This course explores how web content is isolated in containerized browsers, providing granular control over isolation and enhancing data exfiltration security.

Learning Outcomes

Identify modern-day cybersecurity and data loss challenges

Understand how Browser Isolation helps enhance protection and boost productivity

Describe Browser Isolation and its key features

List the cyberthreat and data loss protection use cases Browser Isolation addresses

Describe how to configure the isolation profiles and policies in ZIA and ZPA

Explain how User Portal 2.0 secures web-based access to SaaS and private applications for BYOD/unmanaged endpoints

Identify the isolation browser experience for ZIA and ZPA users

Course outline

Introduction

Current State of Cyberthreats and Data Leaks

Security challenges posed by cyberthreats and data leaks
Why Browser Isolation is needed
Enhancing protection and boosting productivity
Browser Isolation use cases

Browser Isolation Overview

What is Browser Isolation?
Cloud Browser Isolation

Browser Isolation for Cyberthreat Protection

Protection from cyberthreats
Zscaler Browser Isolation is uniquely integrated into the Zscaler Zero Trust Exchange
Binary policies risk being overly permissive or overly restrictive
Isolate risky internet content to maintain security and productivity
Identifying suspicious domains
Safe document rendering and Active Content Disarm
Dynamically mitigate business risk by isolating risky users and devices
Introducing dynamic, risk-based policy
Boost user and admin productivity

Browser Isolation for Data Protection

Browser Isolation: Protecting the data
Protect against data loss in common business scenarios
VDI-like controls with Browser Isolation and PRA
Unmanaged SaaS and private web app access
Reducing VDI dependency

Isolation Profiles and Features of Browser Isolation

Isolation profile: What to know
Configuring isolation profiles
Custom branded banners
Security and data protection controls
Key security control features
Session debug mode
Expanded native file type rendering in isolation
Expanded file type rendering in isolation
Cookie persistence
Office file rendering and conversion to PDF
Printing from isolation
Clipboard and file transfer control
Custom CA certificates
Watermarking
Level 3 CDR – integration with Votiro
Application deep linking
Turbo mode

Configuring Browser Isolation on ZIA for Threat Protection

Enhancing cybersecurity using Browser Isolation
Granular policy control
Fully integrated cloud Browser Isolation with ZIA
Traffic flow and integration
Policy enforcement on ZIA Service Edge for isolated traffic
Sandbox integration with isolation
Configuring isolation policies
Browser Isolation logging takes place in ZIA/ZPA
Browser Isolation dashboard (ZIA interactive reports)

Configuring Browser Isolation on ZPA for Data Protection

Secure agentless access to apps for BYOD and B2B
Isolating private web applications
Isolating SaaS web applications
The end-to-end flow
Designing the IdP conditional policies
ZPA isolation profile configuration
Unmanaged SaaS access
Browser Isolation with ZPA

Browser Isolation End User Experience

The two isolation experience modes
Isolation session overview
Mobile user experience

Hands-On Lab Details

Prerequisites

Browser Isolation (EDU-233) - E-Learning

Proficiency

Description

The Browser Isolation (EDU-233) lab allows students to practice the skills they learned in the e-learning portion. Students will gain in-depth understanding of Zscaler Browser Isolation functionality, its use cases, and the range of security controls it can be used to enforce.

Duration

1.5 hours

Type

Self-Guided Lab

Completion criteria

Complete all the lab exercises

Available language

English

Price per seat

1 credit or $300

Lab Outline

Lab 1: Securing Access to Internet

Review SSL inspection policy and verify SSL decryption

Lab 2: Managing Browser Isolation Basics

Create isolation profiles

Lab 3: Managing One-Click Smart Browser Isolation

Configure smart Browser Isolation
Test smart Browser Isolation

Lab 4: Using Isolate Action in URL Filtering Policies

Configure URL filtering policies with Isolate as action
Test Isolate as an action in URL Filtering policies

Lab 5: Using Isolate Action in Cloud Application Control Policies

Configure Cloud App Control policies with Isolate as action
Test Isolate as an action in Cloud App Control policies

Lab 6: Inspecting Cloud Browser Isolation Logs

Review log details

Lab 7: Applying Document Isolation Controls

Enable document viewing and security controls for your isolation profile
Test document viewing in isolation

Lab 8: Protecting against potential zero day threats with document file isolation + cloud sandbox

Enable cloud sandbox + isolation
Test the configuration

Lab 9: Managing Browser-In-Browser Isolation Experience

Enable browser-in-browser for your isolation profile
Test the configuration

Lab 10: Securing Access to SaaS Applications from BYO/Unmanaged Devices - User Portal 2.0 (Data Protection) using ZPA

Create isolation profile and enable internet traffic forwarding via ZIA
Add SaaS application in application segment
Create access and isolation policies
Publish M365 link to the user portal
Create DNS configuration (CNAME records)
Configure identity provider (IdP) conditional access

Lab 11: Securing Access to Private Applications from Unmanaged Devices - ZPA Isolation (Data Protection)

Configure isolation policies in ZPA
Test isolation policies to isolate private applications

Summary

Certificate Exam Details

Prerequisites

Browser Isolation (EDU-233) - Self-Guided Lab

Duration

45 minutes

Test format

20 multiple-choice questions

Available language(s)

English

Price per attempt

1 credit or $300

Get Certified

Browser Isolation (EDU-233)

Security Architect, Information Protection Analyst/Engineer/Architect, Risk & Compliance Analyst, IT/Security/Network Operator

Keep users safe and productive

Customers

Partners

Public Sector