🦊Securing a network or SD-WAN isn’t just about placing a firewall or firewalls within your network. Traditionally Enterprises would do this at the perimeter edge before breaking out to the Internet.

With Cloud and Mobility thrown into the mix, traditional network security isn’t going to quite cut it.

What is ZTNA and why do you care?

Zero Trust, essentially operates under the meaning of ‘never trust and to always verify who you say you are’. Once you have verified who you are, there will always be a continuous check to make sure everything is secure without any changes, such as disabling your local firewall as an example.

How does ZTNA work?

Authentication – Making sure you are who you say you are! Usually you would implement MFA.

Authorisation – You are allowed to access ONLY what you need and nothing more.

Micro-Segmentation – The application you access will be within a contained perimeter so should there be a breach, then it is only affecting a smaller area of the network instead of the whole network.

Privilege – Provide you with the least privileged access, so only utilising and accessing information relevant to do your job and nothing more. Essentially this stops granting you information or applications you don’t need.

Posture – Continiously checking the device to determine if it meets the requirements, an example could be a user disabling their firewall or security updates of the device. The device must meet the ZTNA requirements otherwise access will be denied. The Profile of the ZTNA Posture is defined by the Organisation. Examples of Posture checking can be:

Type of OS
Firewall enabled
Endpoint installed
System Password
Encryption of the storage

This is not to suggest that ZTNA will replace your traditional security solutions, such as firewalls, end point protection. They all complement each other and adding ZTNA will only help!

I have included Cisco’s SSE/ZTNA Secure Access as an example.

I’d love to hear how other vendors approach ZTNA so please let me know!

Hope this helps! 😁