Zscaler China Premium: Ensuring Resiliency During China's Cross-border Internet Traffic Disruption

China's Port 443 Blockage 

On August 20, 2025, between 00:34 and 01:48 Beijing Time (UTC+8), China mainland experienced a significant internet disruption due to the temporary blockage of port 443. This incident, closely monitored by Zscaler Digital Experience (ZDX) (refer Fig. 1), caused widespread service interruptions and a noticeable surge in latency for SaaS application access across all major ISPs in China during the specified time interval (refer Fig.2)

What is Port 443 and Why Does It Matter?

Port 443 is the default port for HTTPS traffic, which powers secure communication between web browsers and servers. Crucially, HTTPS that uses port 443 is responsible for encrypting data transmitted online, thereby safeguarding sensitive information such as credit card details, passwords, and other personal data from interception and misuse. This encryption is vital for maintaining the confidentiality and integrity of online interactions.

Why did it happen?

The port 443 blockage in China on August 20, 2025 happened due to anomalous behavior by the Great Firewall, which injected forged TCP RST+ACK packets to disrupt all HTTPS connections(refer to link (5) mentioned for additional reference). 

The exact reason remains unclear, but experts suggest two possibilities:

1. A test of new censorship capabilities — possibly to evaluate how effectively China could isolate itself from the global internet.
2. A technical misconfiguration — the device responsible didn’t match known Great Firewall equipment, hinting at either a new system or a glitch in an existing one.

No political or sensitive events were identified during that time, hence the reason could be point 2 listed above.

Zscaler Observed Impact

Zscaler Digital Experience (ZDX) provides real-time visibility and insights into user experience across applications, devices, and networks to quickly identify and resolve performance issues. 

Fig.1, ZDX monitoring shows interruptions on August 20, 2025, between 00:34 and 01:48 Beijing Time (UTC+8). The web probes from Zscaler Client Connector across to all ZIA Public DCs in China shown in figure. 

Fig.2, ZDX monitoring of latency for SaaS applications surged on August 20, 2025, between 00:34 and 01:48 Beijing Time (UTC+8) on the left side compared to normal times shown on the right side where no latency was observed. These are web probes monitoring SaaS apps when users in China are accessing different SaaS apps

Mitigation Strategies for Businesses

The blockage of port 443 led to widespread disruptions, particularly affecting secure internet communications and business-critical operations. Key implications include:

• Internet Service Disruption: Services relying on HTTPS (port 443) — including secure browsing, SaaS platforms, and encrypted communications — experienced severe latency and outages. Tools like Zscaler ZDX recorded significant performance degradation during the event.
• Operational Effect on Enterprises: Businesses, especially those in China, faced major challenges with SD-WAN and VPN solutions that depend on port 443 for secure tunnels and cloud orchestrator access. This hindered internal communications, data transfers, and access to cloud resources.

In response to the challenges posed by such blockages, businesses and organisations can adopt mitigation strategies:

Exploring Alternative Connectivity Solutions like Zscaler Premium Services in China:

Companies should actively investigate and implement alternative solutions for maintaining secure communication like Zscaler Premium Services in China.

Zscaler Premium Services in China deliver fast, secure, and reliable access to international and domestic applications for users in mainland China through premium ISPs, private connectivity, and endpoint-centric architecture—ensuring compliance, performance, and simplified IT operations. ZIA China Premium in Fig.3, ZIA China Premium Plus in Fig.4,  ZPA China Premium in Fig.5. Zscaler Premium Services in China had no impact due to multiple ISPs which peer better in this infrastructure, Premium internet connectivity with SLAs, closer to your location connectivity to the nearest data center with data redundancy & optimized network connectivity in premium infrastructure . Its services continued to operate normally, providing customers with consistent and reliable access to critical applications and resources. This highlights the importance of ZIA China Premium (refer Fig. 6) and Premium Plus Services (refer Fig. 7) in maintaining business continuity during network-level disruptions. 

Fig. 3, ZIA China Premium with Premium connectivity ensured stable performance and no impact was observed even with the presence of GFW. 

Fig. 4, ZIA China Premium Plus with dedicated infrastructure per customer with dedicated premium circuits and no impact was observed

Fig. 5, ZPA China Premium with premium connectivity even though GFW is present, no impact was observed.

Fig.6, ZIA China Premium no impact at specified time interval 

Fig. 7, ZIA China Premium Plus no impact at specified time interval

Conclusion & Next Steps

The August 20, 2025 incident highlights the fragility of internet infrastructure in China and underscores the urgent need for secure, resilient communication systems.

Please reach out to your Zscaler account teams to learn more and share your use case details and other feedback with us.

References:

1. ZIA China Premium/ZIA China Premium Plus
2. ZPA China Premium
3. https://help.zscaler.com/zdx/what-is-zscaler-digital-experience
4. https://help.zscaler.com/zdx/monitoring-applications-overview
5. https://gfw.report/blog/gfw_unconditional_rst_20250820/en/
6. https://www.theregister.com/2025/08/21/china_port_443_block_outage/
7. https://securityboulevard.com/2025/08/great-firewall-china-web-74-minutes-richixbw/
8. https://www.sdxcentral.com/news/mystery-outage-cuts-china-off-from-global-internet-traffic/