The evolving cyber security framework: ZTNA revisited

Zero Trust Network Access moves away from a traditional network perimeter-based security model to focus on a holistic approach.
Paul Stuttard
By Paul Stuttard, Director, Duxbury Networking.
Johannesburg, 08 Dec 2023
Paul Stuttard, director, Duxbury Networking.
Paul Stuttard, director, Duxbury Networking.

In a previous article, I said that because Zero Trust Network Access (ZTNA) addresses the challenges posed by modern digital environments, it will change the way future networks are built and operated.

Now, this cyber security framework − which should be viewed as a concept or capability rather than a specific product − is poised to do considerably more than this.

ZTNA is moving away from a traditional network perimeter-based security model to focus on a holistic approach to securing user-to-application communications − irrespective of the user's location or the application's hosting environment.

Importantly, users (including third-party users) are authenticated and authorised based on their identity, not their network location.

This is the result of ZTNA’s concentration on identity verification as a fundamental component of a watertight security platform, supported by device security, access control and continuous monitoring.

Multi-factor authentication, device attestation, biometrics, passwords and many other factors are possible components of an instinctive ZTNA identity verification solution.

ZTNA is increasingly recognised as a VPN substitute, offering a cutting-edge alternative to conventional VPNs.

Sometimes known as role-based access control, this approach seeks to ensure access is granted to those who need it, and that only authorised users are given access to programs and resources that are necessary for their precise roles within an organisation.

Crucially, ZTNA is adept in identifying anomalous behaviour, such as odd access patterns, access from strange places, occasions when a user's actions might cause suspicion, or if an application experiences a spike in traffic.

Using this information, it is then able to conduct behavioural analyses that may result in a variety of automated reactions, including a requirement for extra authentication steps or the termination of access.

As it monitors users' PCs − both with and without installed agents − ZTNA is ideally suited to supervise and manage third-party access, while offering central control and management. This secure, identity-centric and dynamic approach to access control is imperative in a world where working with outside partners and vendors is typical.

Because ZTNA's access controls are context-aware and always given first priority, it enables rapid responses to be made to real-time threat intelligence. This is key to reducing the risks of lateral movement and consequential lateral attacks within an infrastructure − either by external bad actors or by malicious insiders.

In light of this, ZTNA uses application segmentation to separate and safeguard distinct applications. Firewall rules and network micro-segmentation are generally used to enforce segmentation.

Device posture evaluation is frequently incorporated into ZTNA's access control mechanism. It assesses the connecting device's security posture to make sure it conforms with the organisation's security policies before allowing access. Access to a device may be prohibited or allowed with restrictions if it is thought to be unsafe or non-compliant.

To further manage user and device access to both internal and external resources, ZTNA provides a centralised control point. From a single console, it offers visibility and control over who may access what and under what circumstances.

ZTNA systems additionally check application traffic for risks, compliance and provide content screening. To safeguard data while it is in transit, traffic is encrypted, while technologies such as transport layer security help to maintain secure connections.

Moreover, ZTNA solutions frequently incorporate single sign-on procedures which enable users to access numerous apps with a single set of credentials. By eliminating the need for several passwords, user ease and security are improved.

Significantly, ZTNA achieves its objective of offering an intuitive user experience by reducing the need for customers to be concerned with complex network configurations or virtual private network (VPN) connectivity.

ZTNA is increasingly recognised as a VPN substitute, offering a cutting-edge alternative to conventional VPNs, resulting in a more effortless, convenient and secure access process.

Traditionally, network-level access has been made possible via VPNs which − unfortunately − frequently permit users to access more resources than they need.

By contrast, ZTNA minimises the attack surface by enforcing a least-privilege strategy and – as mentioned − only allowing access to resources and apps needed to meet the user’s specific work requirements.

ZTNA can also function as a secure web gateway, managing and safeguarding user access to websites and online content. It is an essential part of an organisation's overall security posture since it upholds security standards, filters content and examines traffic to identify and stop threats.

Another significant advantage delivered by the ZTNA platform is increased flexibility due to its deployment of software-as-a-service designs and its popularity for application in cloud-native environments.

Flexibility is also crucial to deciding the pace and scale of a ZTNA deployment, as each has its own unique demands. It is important to identify, then prioritise and progressively bring applications and services under the ZTNA umbrella.

This is according to Sriram Krishnan, head of product management at BlackBerry, the former smartphone giant and now software specialist. A ZTNA implementation and its pace of deployment should “be determined by your organisation’s unique use cases, user experiences and security objectives,” he stresses.

Let’s leave the last word to acclaimed business development executive and author Bill Welch. With cyber threats becoming increasingly sophisticated and remote work becoming the norm, he says security is more important than ever.

“ZTNA is emerging at the forefront of this transformation, challenging traditional security models and ushering in a new era of proactive defence.”