In Zscaler, how is traffic treated once it is identified as non-80 and non-443?

In Zscaler, when traffic is identified as non-80 and non-443, it is sent directly to the internet without the proxy. This is based on the understanding that Zscaler primarily focuses on HTTP (port 80) and HTTPS (port 443) traffic for its filtering and security functionalities. Traffic on other ports often does not go through Zscaler’s security mechanisms, which are designed to intercept and inspect HTTP and HTTPS traffic where most web-based threats are prevalent.

By sending non-HTTP/S traffic directly to the internet, Zscaler allows those connections to operate without the added layer of proxy services, which could introduce latency or inefficiency for specific applications that rely on other protocols. This approach is essential for maintaining performance for non-web-based applications while simultaneously ensuring that the majority of internet-bound traffic is being adequately secured and monitored.