July 26, 2023

A Step-by-Step Approach to Deploying ZTNA

Zero Trust Network Access (ZTNA) is the new security standard
Forcepoint

Prior to the COVID-19 pandemic, Zero Trust Network Access (ZTNA) existed more commonly as a theoretical ideal for the “next step” than as a practical reality. As work-from-home models began to gain traction, they highlighted a huge need to provide seamless access to corporate resources while avoiding the shortcomings of Virtual Private Network (VPN) connections.

Zero-trust principles call for moving beyond the traditional perimeter-based security model by verifying the identity of each user, device and application before it accesses a protected resource, regardless of whether it is located on a secure network. The rapid worldwide adoption of ZTNA during and since the pandemic, as workers adopted remote and hybrid models and applications migrated to the cloud, has been nothing short of revolutionary.

According to Gartner®, this shift does not appear to be slowing, and ZTNA is becoming the undisputed new standard for cybersecurity. This development could also alter the threat landscape by incentivizing attackers to devise alternative strategies as ZTNA offers an effective deterrent to unauthorized access attempts.

“Gartner predicts that by 2025, at least 70% of new remote access deployments will be served predominantly by ZTNA as opposed to VPN services, up from less than 10% at the end of 2021.” [1]

“Gartner analysts predict that through 2026, more than half of cyberattacks will be aimed at areas that zero-trust controls don’t cover and cannot mitigate.” [2]

Look to the future by implementing ZTNA as part of a SASE platform

The best long-term approach is to implement ZTNA as one component of a unified Secure Access Service Edge (SASE) platform. SASE also incorporates Cloud Access Security Broker (CASB) and Secure Web Gateway (SWG) services, along with Secure Software-Defined Wide Area Networking (SD-WAN) to ensure network security.

Administrative policies and budgetary allocations may only allow for introducing one solution at a time based upon immediate needs, but security teams may still adopt solutions from within the same SASE framework with an eye to the future benefit of shared threat prevention, data security and visualization capabilities across security solutions. This approach can yield faster and easier deployments of subsequent solutions and reduced operating costs.

Despite its widespread presence, ZTNA is still a relatively recent technology, which means that many InfoSec and IT teams lack experience in deploying it. To simplify the process and help set organizations up for long-term success, we created a webinar detailing the basics along with forward-looking considerations for ZTNA implementation.

These include steps such as:

  • Reviewing your existing resources and defining your short- and long-term goals
  • Weighing the pros and cons of agent-based and agentless options
  • Creating and applying Data Loss Prevention (DLP) and access policies
  • Reviewing your checklist of technical requirements
  • Planning for more complex applications like SAP and Splunk

 

Check out the “Best Practices for Implementing ZTNA” webinar for the full guide to deployment and planning.

Forcepoint

Forcepoint-authored blog posts are based on discussions with customers and additional research by our content teams.
