This blog is part of “ZTNA Partners,” a series where we take a closer look at how our partnerships protect today's hybrid workforces and environments with ZTNA 2.0.
By now, it’s clear to everyone that the workplace is changing. Work used to be a physical place where all of us went to get access to all the applications, data and resources needed to do our jobs. Now, we can do that from anywhere. The transition to remote work means more workers are logging on to company networks from various devices and different locations. Meanwhile, many organizations are granting remote workers access to their internal systems through cloud and hybrid cloud environments.
On the plus side, these environments can greatly increase collaboration, data accessibility and workplace productivity. But the accelerated transition to remote and hybrid work has also increased an already vast attack surface, exposing major gaps in security approaches. Cyber adversaries have exploited these security gaps and widened the attack surface with a dramatic increase in cyber attacks. Consider that ransomware was the single greatest cyber threat that global organizations cited in Orange Cyberdefense’s Security Navigator 2022 report.
In the past, defining cybersecurity was much more straightforward because companies typically focused their cybersecurity efforts on the data center as the primary point of attack. To help protect their data centers, organizations relied on virtual private networks (VPN) to minimize the risks of offsite work. Today, VPNs are less effective because they weren’t built for decentralized, cloud-based systems that are becoming more common as organizations digitize their operations.
In an effort to achieve the next evolution in cybersecurity in this remote and hybrid world, Palo Alto Networks and Orange Cyberdefense are supporting their customers in their journey to implement a Zero Trust strategy that fills the gaps inherent in a modern, digitized, cloud-based environment. This approach can help organizations to improve cybersecurity in a decentralized world.
Zero Trust isn’t a single technology that serves as an all-encompassing solution for security. Rather, it’s a process that supports and underscores a company’s overall cybersecurity strategy. The ultimate goals of Zero Trust Network Access (ZTNA) are to enforce the concept of “least privilege” and minimize the impact of cyber attacks.
Least privilege is a fairly simple idea. It means giving a user only the minimum level of access or permission needed to perform an action. If you need to do something, you have the right to do that particular task and nothing else.
ZTNA involves continuous identity verification, using automation to rapidly identify and contain threats without negatively impacting the user experience. It grants access only to specific services or applications, as opposed to VPNs, which give a user access to the entire network. Today, ZTNA has become a fundamental best practice in cybersecurity that ensures a vulnerability in one application cannot impact other systems in the network.
ZTNA has existed for a few years now. The original ZTNA approach relies heavily on IP addresses and port numbers to identify apps. The flaw in this approach, however, is that it can grant a user more access than needed if the app uses a dynamic port or IP address.
In addition, the first generation of ZTNA works on the principle that once it grants access to an app, it assumes the user and app will behave in a trustworthy manner forever. It also supports only a subset of private apps, while microservices and cloud-native apps that often use dynamic ports cannot be secured. This is a recipe for a cybersecurity disaster.
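The two first-generation weaknesses described above (matching on address and port, and trusting a session indefinitely once granted) can be made concrete with a small model. This is an added example, not code from Palo Alto Networks or Orange Cyberdefense; the user, addresses, port range, app labels and posture flag are constructed, and the `app` label stands in for whatever a Layer 7 inspection engine would report.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Flow:
    user: str
    dst_ip: str
    dst_port: int
    app: str         # assumed: label assigned by Layer 7 inspection
    device_ok: bool  # assumed: device posture when the flow was seen

# Constructed sample traffic: one user, one server, dynamic ports.
FLOWS = [
    Flow("alice", "10.0.5.20", 50112, "voip-client", True),   # intended app
    Flow("alice", "10.0.5.20", 52044, "voip-client", True),   # intended app, new port
    Flow("alice", "10.0.5.20", 49200, "db-admin", True),      # different service, same range
    Flow("alice", "10.0.5.20", 51007, "voip-client", False),  # posture degraded mid-session
]

ALLOWED_NET = ipaddress.ip_network("10.0.5.0/24")
ALLOWED_PORTS = range(49152, 65536)  # whole dynamic range, needed because the app moves
APP_GRANTS = frozenset({("alice", "voip-client")})

def port_rule_allows(flow):
    """Address-and-port rule: no knowledge of which app is behind the port."""
    in_net = ipaddress.ip_address(flow.dst_ip) in ALLOWED_NET
    return in_net and flow.dst_port in ALLOWED_PORTS

def app_rule_allows(flow):
    """App-level rule: user and identified app, with posture re-checked per flow."""
    return (flow.user, flow.app) in APP_GRANTS and flow.device_ok

def over_granted(flows):
    """Flows the port rule admits that the app-level rule refuses."""
    return [f for f in flows if port_rule_allows(f) and not app_rule_allows(f)]

if __name__ == "__main__":
    for f in over_granted(FLOWS):
        print(f"over-granted: {f.app} at {f.dst_ip}:{f.dst_port} device_ok={f.device_ok}")
```
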
Now, with the increasing prevalence of cloud-based networks in remote and hybrid work environments, a new approach to ZTNA is needed. We call it ZTNA 2.0, the second generation of ZTNA.
ZTNA 2.0 is the next step in the evolution of Zero Trust protection. In this approach, least-privilege access begins at Layer 7, the application layer, enabling precise access control at the app and sub-app levels. With cloud-based apps, organizations are applying more advanced verification techniques, such as deep packet inspection and encrypted traffic analytics, to ensure that least-privilege access is maintained.
From there, ZTNA 2.0 continuously monitors internal and external sources and collects data about device characteristics and application states. This allows organizations to identify security issues immediately and shorten the time to remediation before the threat can grow or cause significant harm to the network or application.
ZTNA 2.0 provides protection and security for all data and apps used within the enterprise, including private apps, cloud-native apps, legacy private apps and even software-as-a-service (SaaS) apps that use dynamic ports and leverage server-initiated connections.
Adopting ZTNA 2.0 into an organization’s cybersecurity strategy, and the solutions used to implement it, requires an analysis to determine what apps are in use, potential risks and vulnerabilities, as well as the organization’s security policies.
One of the challenges is to understand the applications your users are working on within your business. Historically, with a data center, it was an easy job. Today, workers are using external software in the cloud, so a global picture is critical to securing your network.
Palo Alto Networks and Orange Cyberdefense are working together to champion a new paradigm: ZTNA 2.0 solutions that meet the cybersecurity needs of today’s digital enterprises.
To learn more about the latest in ZTNA 2.0 developments, watch SASE Converge 2022 on demand, the industry's premier event for SASE by Palo Alto Networks. In this exclusive two-day virtual summit, hear from the brightest minds as they define the future of SD-WAN, Zero Trust Network Access and SASE.