Gartner predicts that by 2023, 60% of enterprises will phase out traditional VPNs and use a ZTNA model.
Gartner defines Zero Trust Network Access (ZTNA) as…
“a product or service that creates an identity- and context-based, logical access boundary around an application or set of applications. The applications are hidden from discovery, and access is restricted via a trust broker to a set of named entities. The broker verifies the identity, context and policy adherence of the specified participants before allowing access and prohibits lateral movement elsewhere in the network. This removes application assets from public visibility and significantly reduces the surface area for attack.”
Building a zero-trust network access solution requires a variety of components—a client, a proxy, authentication, and security. But in most organisations, these solutions are provided by different vendors. The components often run on different operating systems and use different consoles for management and configuration, so establishing a zero-trust model across vendors is nearly impossible.
With Fortinet, not only can you easily establish zero-trust access through one vendor but also with one operating system. FortiOS 7.0 updates turn an organisation’s existing Fortinet infrastructure into the newest part of a zero-trust architecture. FortiGate next-generation firewalls (NGFWs) and FortiClient endpoint protection employ ZTNA capabilities with simplified management. The same adaptive, application access policy is used whether users are on or off the network. And, by building ZTNA into FortiOS, it’s tightly integrated into the Fortinet Security Fabric, enabling easy management and superior visibility.
Fortinet can apply ZTNA to remote users, home offices, and other locations, such as retail stores, by offering controlled remote access to applications. It’s easier and faster to initiate than a traditional VPN. This gives users a better experience while providing a more granular set of security protections. It doesn’t matter if applications are in the data centre, private cloud, or public cloud. Users and applications can be geographically independent and still create secure and reliable connections.
Endpoint Agent for Visibility and Control, Endpoint Protection, and Secure Remote Access using VPN and Zero Trust Technologies
FortiClient ZTNA works with FortiOS to enable secure granular access to applications no matter if the user is local or remote. Each session is initiated with an automatic, encrypted tunnel from FortiClient to the FortiOS proxy point for user and device verification. If verified, access is granted for that session. You can also use multifactor authentication to provide an additional layer of security. With ZTNA, organizations benefit from both a better remote access solution and a consistent policy for controlled access to applications irrespective of endpoint location.