Zero trust network access (ZTNA) is a product or service that creates an identity- and context-based, logical access boundary around an application or set of applications.

What is ZTNA?

 

In simpler words, this product or service creates a virtual wall around an application or multiple applications, so that no one can access them without permission. You can’t just stumble upon them, they are hidden from discovery.

Access is only granted to specific people or groups of people that the “trust broker” has verified as being legit. It is like having a bouncer at the door of a club, checking IDs before letting anyone in.

ZTNA removes application assets from public visibility, meaning that it’s way harder for hackers to attack them. This is because it focuses on how end users access cloud and online services and data.

There are a few key elements of ZTNA that make it work so well.

• First, there is strong authentication and authorization of endpoint systems and user accounts. This means that only trusted devices and users can access your data.

• Second, there are adaptive access policies that evaluate group membership and privileges, access behaviors, and known malicious or suspicious indicators. This is like having a smart security system that can identify if something is fishy.

• And finally, there is browser isolation and sandboxing to prevent malware infection and other browser-based threats. This is like putting on a hazmat suit before entering a contaminated area.

To know more about the other components of SSE, you can read our What is the difference between SSE and SASE answer here.