What is ZTNA?
Zero trust network access (ZTNA) is an element of zero trust access that focuses on controlling access to applications. ZTNA extends the principles of zero trust access (ZTA) to verify users and devices before every application session. This confirms that they meet the organization’s policy to access that application.
Fortinet Brings ZTNA to the Fortinet Security Fabric
Starting with the FortiOS 7.0 release, ZTNA capabilities are enabled on any device or service running FortiOS. This includes hardware appliances, virtual machines in clouds, or even the FortiSASE service.
A FortiGate next-generation firewall and the FortiClient ZTNA agent are all that’s needed for your organization to enable more secure access and a better experience for your remote users, whether on or off the network. These benefits are compelling many organizations to shift from VPN to ZTNA.
Why Fortinet ZTNA?
A key element of the ZTNA concept is the location independence of the user. The application access policy and verification process is the same whether the user is on the network or off the network. Users on the network have no more trust than users that are off the network.
Because users might be off the network, Fortinet ZTNA includes a secure, encrypted tunnel for connectivity from the user device to the ZTNA application proxy point. The automatic nature of this tunnel makes it easier to use than traditional VPN tunnels, improving user experience.
Better security is also delivered by Fortinet ZTNA. It puts applications behind a proxy point, hiding them from the internet. Only those users who have been verified can gain access to those applications.
How Fortinet ZTNA solves secure access challenges
Fortinet ZTNA reduces your attack surface and simplifies the management of application access at the same time. Fortinet ZTNA reduces your attack surface by:
- Hiding applications. Applications will ignore communications unless they come from a proxy point.
- Verifying users. The proxy point performs a user-verification check every time an application is accessed.
- Assessing devices. The proxy point performs a device posture assessment every time an application is accessed.
- Creating tunnels for users. The ZTNA agent automatically creates a secure tunnel from the user to the proxy point, whenever an application is accessed.
Fortinet ZTNA simplifies management by enabling administrators to easily configure and enforce role-based access control for users and applications with a policy that is the same no matter where the user is located.