What is Zero Trust Network Access (ZTNA)?
Gartner defines ZTNA as “a product or service that creates an identity- and context-based, logical access boundary around an application or set of applications. The applications are hidden from discovery, and access is restricted via a trust broker.” In short, ZTNA trusts nothing and considers no network segment inherently safe. Its default security posture is “deny all”, an approach that hides assets from discovery and significantly reduces the attack surface of your network.
A ZTNA security approach has become imperative because of the increasing popularity of cloud migration, Direct Internet Access (DIA), work-from-anywhere (WFA), and the use of unmanaged BYOD/IoT devices: trends that have dissolved the hard perimeter of legacy networks. Modern client-to-cloud and WFA networks have a software-defined perimeter: the worker’s home has become a branch office, and the internet is part of the corporate network. “Intranet” no longer has a definite meaning.
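The definition above, as an added sketch that is not from the original page or from any ZTNA product: a toy trust broker that denies by default, decides on identity and context rather than network location, and answers every denial identically so that applications stay hidden from discovery. The policy table, field names and the `broker_decide` function are hypothetical, and all sample requests are constructed.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed policy for illustration: (group, application) -> context requirements.
# A pair that is not listed is denied; no rule keys on network location.
POLICY = {
    ("finance", "payroll"): {"mfa": True, "managed_device": True},
    ("engineering", "git"): {"mfa": True, "managed_device": False},
}

# One response for every denial, so a denied caller cannot distinguish
# "application exists but you may not use it" from "no such application".
HIDDEN = {"status": 404, "body": "not found"}


@dataclass(frozen=True)
class Request:
    user: Optional[str]      # None means the caller has not authenticated
    group: Optional[str]
    app: str
    mfa_passed: bool
    managed_device: bool
    source_ip: str           # kept for the audit log, never used to grant access


def broker_decide(req: Request):
    """Return (response_to_client, audit_reason). The default is deny."""
    if req.user is None:
        return HIDDEN, "unauthenticated"
    rule = POLICY.get((req.group, req.app))
    if rule is None:
        return HIDDEN, "no policy for identity/application"
    if rule["mfa"] and not req.mfa_passed:
        return HIDDEN, "mfa not satisfied"
    if rule["managed_device"] and not req.managed_device:
        return HIDDEN, "device posture not satisfied"
    return {"status": 200, "body": f"session brokered to {req.app}"}, "allowed"


if __name__ == "__main__":
    samples = [  # constructed requests
        Request("alice", "finance", "payroll", True, True, "203.0.113.7"),
        Request("alice", "finance", "payroll", True, False, "10.0.0.5"),
        Request("bob", "engineering", "payroll", True, True, "10.0.0.6"),
        Request("bob", "engineering", "no-such-app", True, True, "10.0.0.6"),
    ]
    for r in samples:
        resp, reason = broker_decide(r)
        print(r.user, r.app, r.source_ip, resp["status"], reason)
```

The denial reason goes only to the broker's audit log; the client sees the same response whether the application does not exist or is merely off-limits.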