How to Select the Right ZTNA Offering: Gartner Report
Zero trust isn’t one-size-fits-all. Get the Gartner® report to help you find the right fit.
ZTNA isn’t the flip of a switch.
According to Gartner®: “Zero trust network access (ZTNA) is a maturing technology, often requiring more than one vendor to satisfy all use cases.” So where do you begin in choosing which vendors work best for the use case you need most?
Our key takeaways
We believe this Gartner® report will help you narrow down the types of vendors that will work best for your needs, including:
- Which use cases benefit from a VPN, SSE, PAM, OT and secure remote access.
- How ZTNA fits into a wider secure remote access strategy.
- Four key use cases for ZTNA.
- How to evaluate vendor capabilities and establish a zero trust strategy.
Report recommendations
Based on the report’s recommendations, when shortlisting vendors, you should consider four factors:
- Visibility and control
- Platform
- Connectivity
- Dynamic risk scoring
Additional Resources
Ready to take the next step in your ZTNA journey? Check out our library of free resources.
Webinar: Transitioning to a ZTNA Model
Watch this webinar replay to hear from analyst John Grady from Enterprise Strategy Group (ESG) for a roadmap to begin the journey to ZTNA in your SMB.
Watch the replay -->
The IT Admin’s Guide to Evaluating Network Security Solutions
Point vs. platform; VPN vs. SASE vs. SSE vs. ZTNA; vendor reputation — where do you begin? Cut through the marketing jargon with our guide and free vendor evaluation checklist.
Download the guide -->
Enforce ZTNA with a VPN
Enforcing Zero Trust Access is a critical layer of a reliable security program. Find out how a VPN like CloudConnexa can help.
Zero Trust VPN -->
ZTNA — Beyond the Acronym
Learn how to incorporate the tenets of ZTNA and get started on your ZTNA journey.
Getting started with ZTNA -->
Frequently asked questions
What is the purpose of ZTNA?
Zero Trust Network Access (ZTNA) aims to enhance security by assuming that threats could exist inside and outside a company’s private network perimeter. ZTNA tenets include least privilege access, hiding your applications from public view, and using digital certificates for users and devices.
How is ZTNA different from Zero Trust?
Zero trust is the overall strategy that relies on the core principle “never trust, always verify.”
According to Gartner, “Zero trust network access (ZTNA) creates identity- and context-based, logical-access boundaries around users, devices and applications.” Doing this hides the apps from discovery and restricts access using a trust broker and a set of named entities. The broker verifies users based on identity, context, and policies — and stops lateral movement in the network. Because application assets are removed from public visibility, the potential attack surface is reduced.
However, it’s crucial to note that Zero Trust is not a single product or service; rather, it is a collection of services and solutions that work together to accomplish the principles of zero trust and least privilege.
In other words, zero trust is the strategy; zero trust network access is the tool or technology used to get there.
Do you need a VPN for ZTNA?
A VPN can help your business achieve the tenets of zero trust including:
- Identity-driven authorization policies, which enforce secure access to only authorized applications and not the entire network.
- Use of additional security checks based on device identity, device security posture and user’s location context.
- Prevention of lateral movement on your network with strong identity authentication and network-level authorization for services access.
- Defining access controls based on user groups.
What are the core principles of ZTNA?
There are three basic principles of ZTNA:
- Explicit verification — Each user and machine log-in must be verified using two-factor authentication (2FA) or multi-factor authentication (MFA). No access is permitted until requests are fully authenticated.
- Use of least privilege access — No single user or account has access to all applications, not even high-level employees, management, or executives. Each user is assigned the permissions required to fulfill their tasks — nothing more.
- Assume data breach attacks are underway — Network administrators and IT teams operate as if each connection is a potential threat. No user is trusted unless authenticated, and possible injections and other attacks could be hiding on the network and have yet to be discovered.
What specific environments are the best for ZTNA?
Remote or hybrid work environments are often the most in need of ZTNA technology. However, any business, from small and midsize to enterprise level, can benefit from the zero trust strategy.
How does ZTNA fit into the SASE framework?
ZTNA segments access based on user profiles and their associated trust levels for a more risk-informed access strategy. This is just one piece of the SASE framework.
Get started — no credit card required
Our Technical Support team is available 24/7 to guide you through every step of set-up and configuration. But we doubt you’ll need us.
Gartner, How to Select the Right ZTNA Offering, John Watts, Craig Lawson, Aaron McQuaid, Charlie Winckless, 7 September 2023.
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.