secdoc.tech
Fortify Your Digital Defenses: CAH
cybersecurity · · 3 min read

Zenarmor 1.18 Release is Now Avalailable

Being a part of the tinkerers club for Zenarmor and providing feedback and feature requests/capabilities, I can confidently say the 1.18 version of Zenarmor represents a significant evolution in their SASE offering.

Zenarmor 1.18 Release is Now Avalailable
Zenarmor 1.18 Release

Being a part of the tinkerers club for Zenarmor and providing feedback and feature requests/capabilities, I can confidently say the 1.18 version of Zenarmor represents a significant evolution in their SASE offering. The release demonstrates a clear strategic pivot toward organization-centric security, with several key innovations that warrant attention.

For a more detailed walk-through of these features, I recommend watching the official preview demonstration above by Zenarmor's Product Manager, Lyal Saayman, which provides hands-on examples of the functionality I've reviewed below. While my assessment covers the key technical aspects, his demonstration offers valuable insight into the intended use cases and deployment scenarios.

Core Strengths

Organization Dashboard Implementation

The new organization dashboard represents a substantial improvement in unified management capabilities. In testing across multiple simulated enterprise environments, I found the birds-eye view particularly effective for rapid threat assessment across distributed deployments. The dashboard's ability to consolidate data streams from both gateways and endpoints into a unified view is well-executed, though there's still room for some UI refinement in the filtering interfaces.

Identity & Access Management Integration

The IAM capabilities show promise, particularly in their implementation of:

  • Built-in authentication (suitable for SMBs)
  • SAML 2.0 integration (tested primarily with Azure Entra ID)
  • Google Cloud Identity integration (including group sync)

During testing, the SAML 2.0 implementation proved robust, though I noted some minor latency issues during high-volume authentication events. The Google Workspace integration is particularly polished, though the lack of SCIM support for other providers is a notable limitation that should be addressed in future releases.

Windows Endpoint Protection

The native Windows application represents perhaps the most significant technical achievement in this release. My testing revealed:

  • Impressive local inspection performance with minimal system impact
  • Seamless policy deployment from Zenconsole
  • Reliable reporting data streaming
  • Effective protection independent of network connection

The elimination of VPN dependencies for remote security enforcement is particularly noteworthy, though some edge cases in the policy enforcement required workarounds during testing.

Areas for Improvement

  1. Policy Management Interface: While the new organization-based policy structure is logically sound, the UI for managing complex policy hierarchies across multiple deployment types could be more intuitive. Users managing large deployments may face a learning curve.
  2. Authentication Options: The current authentication implementation, while functional, would benefit from:
    • Additional SAML provider templates
    • SCIM protocol support
    • More granular role-based access controls
  3. Reporting Capabilities: While the consolidated reporting is comprehensive, the system could benefit from:
    • More customizable dashboard widgets
    • Enhanced export capabilities
    • Better handling of large data sets during peak reporting periods

MSP/MSSP Considerations

The multi-tenancy capabilities show particular promise for service providers. The organization enrollment process is streamlined, though the role assignment system could use additional granularity for complex organizational hierarchies.

Forward-Looking Assessment

The announced roadmap items, particularly Zero-Trust Network Access (ZTNA) and MacOS support (with Linux client support coming soon after), align well with market demands. Based on the current implementation quality, these additions should integrate naturally into the existing framework.

Technical Recommendations for Deployment

For organizations considering deployment, I recommend:

  1. Thorough testing of SSO integration in your specific environment
  2. Staged roll-out of Windows endpoint protection
  3. careful planning of policy hierarchy before full deployment
  4. Consideration of network impact during initial reporting data streaming

Conclusion

Zenarmor 1.18 represents a significant step forward in their SASE offering. The focus on organization-centric security and endpoint protection shows clear market awareness, while the technical implementation is generally solid. While there are areas for improvement, particularly in the UI and some enterprise integration capabilities, the core functionality is robust and well-implemented.

The release successfully delivers on its primary goal of enabling organization-based security policies with user-centric control, though organizations should plan for some adjustment period during deployment. The Windows endpoint protection capability is particularly impressive and could be a major differentiator in the market. Check it out at https://www.zenarmor.com/

Share Share Share Share Share Email

Read next

Sit Down with the 45Drives' "What's Spinnin'" Team
45Drives · Featured

Sit Down with the 45Drives' "What's Spinnin'" Team

The latest episode of 45Drives' "What's Spinnin' Podcast" has just dopped. Brett sits down with me to explore my 25-year journey through the cybersecurity landscape. We also discuss my book, the "Cybersecurity Architect's Handbook," and how it has evolved throughout my career.