Windows 365 and Zscaler

Copper Contributor

Has anyone deployed Zscaler clients on their production Windows 365 VDI instances? If so, how was your experience?

 

As of right now, we are in the testing phase and we are ironing out some things with the networking team. I noticed disconnects when a user first logs in, or after a patch cycle (so far)

6 Replies
Hi,

please contact Microsoft Support on this issue, as we are evaluating with our Zscaler friends this issue and we should have a solution ready soon....
I'm not sure if it's too late, but this is a well-known issue between Zscaler and the way that Microsoft deploys the RDP connectivity:

https://techcommunity.microsoft.com/t5/windows-365/optimizing-rdp-connectivity-for-windows-365/m-p/3...

Regards
Same behavior observed.
Update: When the networking team deployed Zscaler tunnel 2.0, every 30, 45 or 60 minutes a temporary disconnect happens. This is absolutely frustrating for users. We tested Zscaler tunnel 1.0. It works, but with a global space in our company, we cannot implement it as we have multiple users with multiple devices and Zscaler can only allow one user to have one profile.

We also learned that Zscaler tunnel 1.0 is a security risk as it manages browser traffic, but not application traffic (putty as an example)
So, there is a solution which mitigates the disconnect issues.

https://techcommunity.microsoft.com/t5/windows-365/optimizing-rdp-connectivity-for-windows-365/m-p/3...

The FAQ you should really pay attention to is:
Q: How often do the IP addresses Change?

A: The Gateway addresses change roughly once a month. We aim to improve the script over time to provide better assistance with automation of a check for changes in this data.
Hi @obvrsk2022 and community

We have some devices deployed and have a group of users who sit behind a zscaler and having this exact issue. Going to read through the doc and send it onto the 3rd party to take a look at.

Great to see the community helping everyone out :)