Version 4.0 of the CSC Mux for Azure has the following enhancements:
Product renaming: The Cloud Security Connectors for Azure have been renamed according to the amount of IPsec tunnels to Zscaler: CSC Mux 1 (1 x IPsec, 400 Mbps), CSC Mux 2 (2 x IPsec, 800 Mbps), CSC Mux 4 (4 x IPsec, 1,6 Gbps) and CSC Mux 8 (8 x IPsec, 3.2 Gbps). The following list shows the old and new names.
CSC Anywhere for Azure ➝ CSC Mux 1 for Azure with PriCPA.
New ! ➝ CSC Mux 2 for Azure with PriCPA.
CSC Mux 1.6 Gbps ➝ CSC Mux 4 for Azure with PriCPA.
CSC Mux 3.2 Gbps ➝ CSC Mux 8 for Azure with PriCPA.
New! Private Cloud Private Access: PriCPA is a new functionality of the Cloud Security Connector. PriCPA allows you to create a Private Cloud among all CSCs for private traffic. In a matter of minutes, you can build a full mesh encrypted topology between your locations for private traffic with Zero Trust. After making the Private Cloud, you can set up your policies to define who will talk with who inside your Private Cloud.
New! Traffic Logs: The CSC can send all traffic logs to a Syslog/SIEM server. The Traffic Logs provide visibility of all IP communications to Zscaler, Routed and Proxy Bypasses, PriCPA, and Local received and generated traffic. This functionality is essential to customers with a basic Zscaler Cloud Firewall license.
New! SNMP support: The CSC Mux for Azure can be monitored via SNMP v2c and v3.
New! Radius integration: You can access the Admin console using your username and authenticating via Radius protocol to a Radius Server.
New! The "csccli" user can be enabled and configured via the Admin console, allowing terminal access to the CSC using SSH keys.
New! SSH access can be restricted per Subnet or IP. It applies to the CSC's Internal (eth1) and PriCPA interface. It is not required anymore to set up external security groups.
TCPdump functionality is provided via the Admin console for easy troubleshooting of IP traffic.
New! Azure Load Balancer support. The CSC answers Azure LB Health probes on the CSC VIP IP (port 59400) and CSC Bypass IP (port 53128) when the tunnels to Zscaler are up. If the tunnels to Zscaler are down, the CSC stops answering the probes.
New! Config User Data support. When launching the CSC, you can insert the configUserData.json file as VM's User Data to pass configuration parameters to the CSC, such as Zscaler Cloud, Zscaler Nodes, DNS Servers, AWS Systems Manager Credentials, Syslog configuration, Bypass (routed and proxy) configuration, PriCPA values and more.