ZTNA 1.0 Has an App Problem — It Can’t Secure All Apps

Jun 15, 2022

ZTNA 2.0 Protects All Enterprise Applications, Including Private Apps, Cloud Apps and SaaS

This is the final post of “ZTNA Straight Talk,” a 5-part series where we take a closer look at the five tenets of ZTNA 2.0, the new standard for securing access.

It’s no secret that the modern workforce relies on a plethora of applications to conduct practically all of their work. From video conferencing to document collaboration, instant messaging and CRM, the list goes on and on. Regardless of where these apps are hosted, workers require seamless, high-performance access to all of them.

Security practitioners are tasked with keeping users, assets, apps and data safe. The promise of Zero Trust Network Access (ZTNA) – providing access for a user to an application rather than broad access to a network – is supposed to help alleviate the challenges of achieving this. However, as we discussed previously, the implementation of ZTNA 1.0 has fundamental flaws. In addition to those mentioned previously, ZTNA 1.0 fails to enable consistent security because it only works with a subset of applications that the enterprise relies on.

ZTNA 1.0 Is Unable to Secure All Apps

The vision of consistent, fine-grained access to all applications can’t be achieved with ZTNA 1.0. That’s because ZTNA 1.0 solutions don’t secure all apps. They don’t support cloud-based apps or other apps that use dynamic ports, and they don’t support server-initiated applications, such as help desk apps that employ server-initiated connections to remote devices. ZTNA 1.0 solutions don’t support SaaS apps, either.

Modern, cloud-native apps often consist of many containers of microservices, which frequently use dynamic IP addresses and port numbers. Implementing ZTNA 1.0 for this type of application is a recipe for disaster. ZTNA 1.0 becomes completely ineffective for these sorts of app constructs because it ends up providing access to a broad range of IPs and ports, exposing the organization to additional risk and defeating the point of Zero Trust.

As more and more organizations continue on their cloud journey and run their businesses on cloud-native applications, ZTNA 1.0 will become obsolete.

ZTNA 2.0 Provides Consistent Security for All Apps

While legacy ZTNA solutions only address a fraction of enterprise apps, ZTNA 2.0 will secure all apps, regardless of where they’re hosted. That holds whether the app is a modern cloud-native, microservices-based application that isn’t restricted by IPs and ports, a SaaS app, a traditional private app or a legacy app.

ZTNA 2.0, delivered by Prisma Access, provides superior security while delivering uncompromised performance and exceptional user experiences, all from a single unified approach. It is purpose-built on a truly cloud-native architecture to secure today’s digital enterprises at cloud scale, backed by leading SLAs. Because it is completely software-based and hardware neutral, Prisma Access can auto-scale to keep up with a changing hybrid workforce and evolving business demands without requiring manual interactions or processes.

ZTNA 2.0 Is Zero Trust with Zero Exceptions

Pursuing a true Zero Trust posture is a journey, and providing consistent security and control across all apps, regardless of where they are hosted or accessed from, is an important step. That’s why securing all apps used in the enterprise, including modern apps and SaaS, is a core pillar of ZTNA 2.0.

Watch our special launch event where we discuss innovations and best practices for securing the hybrid workforce with ZTNA 2.0 and Prisma Access.

