Zscaler Launches MCP Server: Manage Enterprise Security Architecture with Natural Language

Key Points: On May 28, 2026, Zscaler open-sourced its official MCP Server project on GitHub. It allows enterprises to manage Zscaler security products through natural language interactions with AI assistants (e.g., Claude, OpenAI Agent, etc.), marking the entry of cybersecurity management into the conversational AI era. This tool is based on Anthropic's Model Context Protocol (MCP), serving as a translation layer between AI assistants and the Zscaler product suite, balancing flexibility and security. Original Link: https://github.com/zscaler/zscaler-mcp-server

Enterprise security architectures are becoming increasingly complex. Traditional management relies on graphical interfaces or command lines, which are cumbersome to operate and have a steep learning curve. With the improvement of LLM capabilities, the industry is exploring natural language dialogue management methods. Anthropic's open MCP protocol has become a standard bridge connecting AI assistants with external tools/data sources, eliminating the need to develop separate integrations for each system.

Zscaler MCP Server acts as a translation layer between AI assistants and Zscaler products, supporting several core products:

• ZIA (Cloud-Native Secure Web Gateway: URL filtering, malware protection, data loss prevention)
• ZPA (Zero Trust Network Access, replacing traditional VPN)
• Zscaler Cloud Connector (Hybrid/multi-cloud secure connectivity)
• NSS (Real-time log streaming and analysis) Administrators can perform operations via natural language, such as "Create a URL filtering policy for the marketing department" or "View 24-hour threat interception statistics", without needing to memorize APIs or navigate interfaces.

Zscaler MCP Server follows the MCP protocol and exposes standardized tools for AI assistants to call. Each tool encapsulates logic such as authentication and parameter validation for Zscaler API endpoints. AI assistant processing flow:

1. Understand user intent
2. Select the appropriate tool
3. Extract parameters
4. Call the tool via MCP
5. Present human-readable results Advantage: AI assistants do not need to understand Zscaler API details; they only need to understand the MCP protocol, and the Server handles translation into specific API requests.

Supports multiple deployment modes:

• Local operation (standalone service in private network)
• Containerized deployment (Docker image, compatible with Kubernetes)
• SSE transmission (compatible with various MCP clients) Authentication mechanism: Supports Zscaler OAuth2.0 and API Token to ensure authorized access; enterprises can configure fine-grained permission control to limit the access scope of AI assistants.

Application Scenario Example: When a security analyst investigates a data breach, they can query the AI assistant for "Users who accessed confidential files in the past week" or "Proportion of access from non-company devices" to quickly get results. Industry Significance: Marks a paradigm shift in enterprise security management, ushering in the trend of "conversational security operations". As a cloud security leader, Zscaler sets a benchmark, and other vendors are expected to follow with MCP integrations. Practitioners need to improve their ability to collaborate with AI and express security intentions in natural language.

The open-source release of Zscaler MCP Server provides enterprises with a new way to manage security products. By encapsulating complex API operations in natural language, it lowers the management threshold and improves operational efficiency. It is recommended that practitioners focusing on enterprise security architecture try this solution and grasp the trend of AI and security integration.