Many large enterprises consider their internal networks safe—protected by perimeter firewalls and VPN solutions—and believe that security threats are primarily external to their networks. In reality, the enterprise network attack surface has experienced a multifold expansion brought about by trends in work-from-anywhere, Direct Internet Access (DIA), application-and-data migration into the cloud, BYOD, IoT, and increasingly sophisticated hacker attacks with lateral movement. Corporate “internal” networks are often as insecure as “external” networks, if you can still find the borders between them at all.
ZTNA is a modern network architecture that brings back the security essential to your corporate network. The approach is to trust nothing and to consider no network segment inherently safe. Its mechanisms protect all your corporate traffic, regardless of where and how it is physically transported. It’s a software-only solution—on-prem and/or cloud-based—that ensures tight security and obviates the onerous maintenance of hardware appliances (VPN concentrators, IDS/IPS, FWs and more) that fall short of securing modern networks.
A ZTNA architecture enforces security based on the context of the transaction: who the user is, what device is being used, what application is accessed, where the user/device is located, and how the user/device is connected to the network. ZTNA authenticates both users and their devices, allows managed and unmanaged devices and home access to corporate resources, and enables IoT device security where there is no user or agent on the device. Policies can be tailored in many dimensions for users, groups, locations and device characteristics, and they interwork with your existing identity and authentication mechanisms.
When evaluating ZTNA vendors, you must look for capabilities and technologies including granular application control, device posture checking, geo-fencing, network obfuscation and big data analytics. The solution must also work together with other cloud services such as CASB, DLP, UEBA and SWG.
Join Suraj Chandrasekaran, Director of Solution Engineering at Versa Networks, in this webinar as he explains how ZTNA capabilities work and are deployed, discusses in-depth architecture details, and shows how superior network security results from the implementation. He also covers various use cases and how to evaluate ZTNA vendors to ensure security in your network.