What are the Benefits of ZTNA?
ZTNA offers multiple benefits for companies, including:
- Continual operation. ZTNA works constantly in the background to verify users, check posture, identify changes and — if necessary — terminate sessions to protect business networks.
- Attack surface reduction. “In a traditional VPN network, remote desktop protocol access requires a rule that allows TCP port 3389 to get through,” Austin says. “If an attacker connects, they can run a scanning tool to look for these open ports and tell what services are available.” Zero-trust frameworks reduce a company’s overall attack surface by hiding business-critical applications and network conditions from the internet.
- Routine verification. Users are verified and authenticated when they first connect to an application or service, and then are verified at regular intervals to ensure their posture has not changed.
- Security in every location. With employees now connecting from home offices, airports and coffee shops, security anywhere is paramount — and it depends on key device characteristics. According to Austin, “If you’re using ZTNA, you can verify that the device being used belongs to your organization. You could look for registry entries and active directory group membership, or even write a hidden text file to all authorized devices and scan for that file before authorizing connection requests.”
How Fortinet Facilitates ZTNA
Austin notes, “The most important thing for people to understand is that ZTNA is not a product. Instead, it’s a process built into the core of multiple products. It’s the interaction of these products that makes zero trust possible.”
For Fortinet, facilitating ZTNA is all about the security fabric: creating an interwoven framework that connects multiple solutions to deliver zero trust.
“All of our products communicate with the security fabric,” Austin says. “By default, posture checking happens once per minute. The fabric is synced across solutions, and all data is reported upstream.” This facilitates both automatic actions and incident notifications.
For example, if an employee connects using a remote desktop protocol and then turns off his or her firewall, that employee is automatically dropped from the network. He or she won’t be able to reconnect until the security posture matches network policy.
With more than 50 security products capable of ongoing communication, Fortinet provides a single-vendor source to help companies create a comprehensive security fabric. Austin puts it simply: “ZTNA is a process enabled by communication.” The Fortinet fabric facilitates this conversation.