Zero Trust Network Access (ZTNA), also known as software-defined perimeter (SDP), is a modern approach to securing access to applications and services for users both in the office and on the road. ZTNA works on a simple principle: deny everyone and everything access to a resource unless explicitly allowed. This approach enables tighter network security and micro-segmentation that can limit lateral movement if a breach occurs.
By contrast, once a legacy network solution authenticates users, those users implicitly gain access to everything on the same subnet. Only a password prevents unauthorized users from accessing a resource. ZTNA flips that paradigm. Users can only “see” the specific applications and resources explicitly permitted by their company’s security policy.
ZTNA is not only more secure than legacy network solutions, but it’s designed for today’s business. Legacy networks assumed a fixed perimeter. A stack of security applications kept inappropriate external traffic out of the network. Fixed perimeters today, though, are both vulnerable and ineffective. Users work everywhere — not only in offices — and applications and data are increasingly moving to the cloud. Access solutions need to be able to reflect those changes. With ZTNA, application access can dynamically adjust based on user identity, location, device type, and more.
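The contrast described above, as an added example that is not taken from any ZTNA product: a default-deny policy check evaluated on identity, location and device type, next to the legacy "authenticated means whole subnet" model. The application names, field names and rules are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Context:
    """Attributes evaluated on every request (hypothetical field names)."""
    user: str
    groups: frozenset
    country: str          # location signal
    managed_device: bool  # device-type signal

@dataclass(frozen=True)
class Rule:
    """One explicit allow. Anything no rule matches is denied."""
    app: str
    group: str
    countries: frozenset
    require_managed: bool

# Constructed sample inventory and policy.
SUBNET_APPS = {"wiki", "payroll", "build-server"}
POLICY = [
    Rule("wiki", "staff", frozenset({"US", "DE"}), require_managed=False),
    Rule("payroll", "finance", frozenset({"US"}), require_managed=True),
]

def legacy_visible(authenticated: bool) -> set:
    """Perimeter model: one successful login exposes the whole subnet."""
    return set(SUBNET_APPS) if authenticated else set()

def allows(rule: Rule, ctx: Context, app: str) -> bool:
    """True only when every condition of this allow rule holds."""
    return (rule.app == app
            and rule.group in ctx.groups
            and ctx.country in rule.countries
            and (ctx.managed_device or not rule.require_managed))

def ztna_decide(ctx: Context, app: str, policy=POLICY) -> str:
    """Default deny: 'allow' only if an explicit rule matches."""
    return "allow" if any(allows(r, ctx, app) for r in policy) else "deny"

def ztna_visible(ctx: Context, policy=POLICY) -> set:
    """Apps the user can 'see': those with a matching allow rule right now."""
    return {r.app for r in policy if allows(r, ctx, r.app)}

if __name__ == "__main__":
    alice = Context("alice", frozenset({"staff", "finance"}), "US", True)
    print(sorted(legacy_visible(True)), sorted(ztna_visible(alice)))
```

The same user loses access to `payroll` when the device or location changes, because the decision is recomputed from the request context rather than granted once at login.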