Negotiate Zscaler on the Zero Trust bundle

How does Zscaler per user per year pricing work?

Zscaler charges a fixed price per user per year for each module family, bundled into an edition. The user count, not the traffic, drives the bill.

That means your baseline is everything. Set it on active users and you control the floor. See current packaging on the Zscaler products page.

What is the ZIA framework and where does it oversize?

Zscaler Internet Access is the inspection core and the easiest to oversize. Tie its user count to people who actually route traffic through it.

What is the ZPA framework and how do you scope it?

Zscaler Private Access replaces remote access for named applications. Scope it to the application set in production, not the full app catalog.

• ZIA: web and inspection, size to active routed users.
• ZPA: private access, size to live applications.
• ZDX: experience monitoring, size to supported endpoints.

What does the ZDX framework add?

Zscaler Digital Experience monitors end user performance across the path. Size it to supported endpoints and add it only when an operations team owns the data.

Which Zscaler add ons should you defer?

Defer Data Protection, Cloud Browser Isolation, and Risk360 until a project owns each one. They inflate the base when bought ahead of use.

How should you treat the Data Protection framework?

Buy Data Protection only when a data loss program owns it. Otherwise it sits idle and resets to list at renewal.

When does Risk360 earn its line item?

Risk360 earns its place when a named owner reports from it monthly. Without that, it is shelfware with a renewal cost.

How do you build a competitive anchor against Zscaler?

Price one credible alternative before you negotiate. A quote you can walk to is the only thing that moves the Zscaler number.

• Name a credible competitor and request indicative pricing.
• Hold the alternative as a written walk position.
• Refuse to co term mid contract adds.

The Zscaler negotiations that land below benchmark are the ones where the buyer priced a real alternative before the first counter.

Why do price protection clauses outrank the discount?

A capped renewal beats a deeper first year discount every time. Tie the cap to a public index and lock it for the term.

What buyer side moves close the gap on Zscaler?

Work the baseline, the catalog, and the anchor in sequence.

1. Set ZIA and ZPA user counts on active usage.
2. Defer Data Protection, Isolation, and Risk360 to scoped projects.
3. Price one credible competitor as your anchor.
4. Cap the renewal uplift to a published index.
5. Refuse mid term co terming.
6. Benchmark per user price before countering.