From Newsgroup: alt.os.linux.mageia

Hi everyone!

A few years ago my employer switched remote access from homeoffice (me,
for instance) to intranet from vpnc to openconnect. On my colleagues'
windows machines it was called anyconnect, except this, all the same.

At this time they also switched from RSA to one time password, based on Micro$oft Authenticator app. I was really happy to read a hint here, that there is oath-toolkit, and so even this challenge I was able to solve.

Well, as always, after the change is before the change. And now, they want
to switch from CISCO Anyconnect / openconnect to a tool called "ZScaler".

All I find about this is that it claims to be "so much more secure than
vpn and firewall" (why?), and I found that this is payware (hence, closed source - take it or leave it).

In my understanding, to make intranet access "so much more secure" likely means, that there are processes running on my local machine all the time, watching what tasks are running and what they're doing.

Has anyone been in touch with "Zscaler connect" and can tell a little?

Thank you!

Best regards,

Markus

P.S. Well, in worst case scenario I could sacrifice an unused machine and install all that trash, then connect it only to my guest network with no access to my main networks and hope that nothing happens during work...
--
Please reply to group only.
For private email please use http://www.dipl-ing-kessler.de/email.htm
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: alt.os.linux.mageia

On 2025-12-19, Markus Robert Kessler <no_reply@dipl-ing-kessler.de> wrote:

Hi everyone!

A few years ago my employer switched remote access from homeoffice (me,
for instance) to intranet from vpnc to openconnect. On my colleagues' windows machines it was called anyconnect, except this, all the same.

Anyconnect is a program from CISCO to use with their vpn packages.
Openconnect is an opensouce replacepent for Anyconnect. It connects to
Cisco;s vpn and a number of others. There is also a ocserv(?) opensource
vpn software to pair with openconnect. Mageia 9 has openconnect but not the ocserv software.

At this time they also switched from RSA to one time password, based on Micro$oft Authenticator app. I was really happy to read a hint here, that there is oath-toolkit, and so even this challenge I was able to solve.

Well, as always, after the change is before the change. And now, they want to switch from CISCO Anyconnect / openconnect to a tool called "ZScaler".

All I find about this is that it claims to be "so much more secure than
vpn and firewall" (why?), and I found that this is payware (hence, closed source - take it or leave it).

In my understanding, to make intranet access "so much more secure" likely means, that there are processes running on my local machine all the time, watching what tasks are running and what they're doing.

Has anyone been in touch with "Zscaler connect" and can tell a little?

Thank you!

Best regards,

Markus

P.S. Well, in worst case scenario I could sacrifice an unused machine and install all that trash, then connect it only to my guest network with no access to my main networks and hope that nothing happens during work...

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: alt.os.linux.mageia

On Mon, 22 Dec 2025 19:04:03 -0000 (UTC) William Unruh wrote:

On 2025-12-19, Markus Robert Kessler <no_reply@dipl-ing-kessler.de>
wrote:

Hi everyone!

A few years ago my employer switched remote access from homeoffice (me,
for instance) to intranet from vpnc to openconnect. On my colleagues'
windows machines it was called anyconnect, except this, all the same.

Anyconnect is a program from CISCO to use with their vpn packages. Openconnect is an opensouce replacepent for Anyconnect. It connects to Cisco;s vpn and a number of others. There is also a ocserv(?) opensource
vpn software to pair with openconnect. Mageia 9 has openconnect but not
the ocserv software.

At this time they also switched from RSA to one time password, based on
Micro$oft Authenticator app. I was really happy to read a hint here,
that there is oath-toolkit, and so even this challenge I was able to
solve.

Well, as always, after the change is before the change. And now, they
want to switch from CISCO Anyconnect / openconnect to a tool called
"ZScaler".

All I find about this is that it claims to be "so much more secure than
vpn and firewall" (why?), and I found that this is payware (hence,
closed source - take it or leave it).

In my understanding, to make intranet access "so much more secure"
likely means, that there are processes running on my local machine all
the time, watching what tasks are running and what they're doing.

Has anyone been in touch with "Zscaler connect" and can tell a little?

Thank you!

Best regards,

Markus

P.S. Well, in worst case scenario I could sacrifice an unused machine
and install all that trash, then connect it only to my guest network
with no access to my main networks and hope that nothing happens during
work...

Openconnect out of MGA9 repo works fine. I have it in use for several
years now. But, our company's "IT" is planning to replace it with a new solution, called "ZScaler". I don't even know what this is doing exactly,
and if it runs on (self-administrated) Linux at all.

Maybe someone knows?

Best regards,

Markus
--- Synchronet 3.21a-Linux NewsLink 1.2