Kerry Cordero

Phase 1 = IKE / Phase 2 = IPsec. Examples use a peer 198.51.100.10 and a VRF named CORDERO. ASA...

When deploying Zscaler Private Access (ZPA), it’s tempting to take shortcuts during early rollouts: one giant wildcard app segment (*.corp.local),...

Where the ports live The ports defined in the App Segment (e.g., TCP 1–65535 except 53) are remote ports —...

What the Client Does The end user’s browser only ever connects to https://app1.cordero.me → TCP 443. That’s the real traffic...

There is no excerpt because this is a protected post....

ZPA to Palo Alto Terminology Mapping ZPA Concept Palo Alto Firewall Equivalent Technical Alignment Notes Application Address Object (FQDN or...

ZIA: Overview Zscaler Internet Access (ZIA) is a cloud-delivered secure internet and web gateway designed to protect users, applications,...

The Problem You’re hitting the 6,000-application limit per App Connector because your current configuration sends all apps to every connector...

1. Start With an Application Inventory (Even If It’s Incomplete) Why: You can’t segment what you don’t understand. Gather...