The Fast Mode spoke to Erez Tadmor, Director, Product Management at Tufin on the impact of traffic visibility on ZTNA networks. Erez joins us in a series of discussions with leading cybersecurity and networking vendors, assessing the evolution of ZTNA technologies, the roadmap for ZTNA deployments, the benefits of ZTNA for enterprise and telco networks, and the need for real-time traffic visibility technologies such as DPI for ZTNA.
Ariana: What do you consider are the core features (must have) of ZTNA?
Erez: The core features, or must-haves, of Zero Trust Network Access (ZTNA) are critical for a robust and effective security framework. These core features include:
- Complete visibility: Achieving complete visibility across the entire organizational infrastructure is paramount. Without it, you cannot adequately protect what you cannot see. In today's complex, hybrid-cloud environments, it's not enough to have visibility alone. You also need a tool that offers valuable insights, helping security practitioners navigate the complexity and prioritize issues effectively.
- Network-agnostic security policy: ZTNA should empower security practitioners to establish security policies without being tied to specific network vendors or technologies. The security policy should be guided by organizational requirements, whether they stem from regulatory compliance mandates or best practices. This network-agnostic approach ensures flexibility and adaptability in an ever-evolving landscape.
- Orchestration and policy enforcement: The ability to orchestrate various components of your network and ensure that any future changes align with your Zero Trust policy is crucial. By vetting every change against the established policy before implementation, organizations can maintain a proactive and consistent security posture. This proactive approach is vital for a successful Zero Trust program, preventing security violations and minimizing risks.
In summary, complete visibility, network-agnostic security policy governance, and orchestration of network changes while adhering to the Zero Trust framework are the core features that make ZTNA a robust and effective security solution. These features help organizations stay agile, secure, and compliant in today's dynamic cybersecurity landscape.
Ariana: How has ZTNA evolved over the years?
Erez: ZTNA, or Zero-Trust Network Access, has evolved significantly over the years. Initially, ZTNA solutions were offered as add-ons, much like WiFi in laptops (yes – once it was optional!) or airbags in automobiles. However, over time, ZTNA became the standard in cybersecurity, akin to today's basic laptop or automobile features. The wave following the 2020 pandemic accelerated this shift as businesses needed secure remote access. Traditional VPNs proved insufficient due to capacity and cumbersomeness, leading to increased adoption of ZTNA, which offers enhanced security, user and device verification, and continuous monitoring.
The concept of ZTNA expanded beyond remote-only use as work environments evolved into hybrid models. ZTNA's principle of location-agnostic security gained prominence, changing the concept of work from a location to an activity, and emphasizing consistent access policies everywhere. This idea aligns with the convergence of networking and security, aiming to simplify and improve security by reducing product complexity.
Having ZTNA as part of a comprehensive cybersecurity platform is becoming more common, eliminating the need for separate add-on solutions. ZTNA is now included as a feature within products like firewalls, making it an integral part of organizations' cybersecurity strategies.
In conclusion, ZTNA has evolved from an optional add-on to a fundamental component of cybersecurity, adapting to changing work models and emphasizing a unified, location-agnostic security approach.
Erez Tadmor holds a two-decade career in the ever-evolving information security field, marked by his diverse background in managing various product portfolios and verticals. His expertise spans Cloud and network security, Automation & Orchestration, IAM, and fraud prevention. He's playing a pivotal role in guiding Fortune 500 enterprises through digital transformations, focusing on security and compliance programs. As Tufin's Network Security Evangelist, he bridges customers and the marketing and product teams, educating stakeholders on network security technologies, cyber security best practices and Tufin's solutions. Erez holds a track record of strong leadership in Product Management, enterprise cybersecurity, and product strategy development, honed through work with startups and multinationals. His core strengths include new product launches, go-to-market strategies, and product lifecycle management.
This interview is a part of The Fast Mode's Next-Gen DPI Traffic Visibility for ZTNA segment, featuring over 40 leading cybersecurity and networking solution providers and their views on the importance of traffic visibility for ZTNA. A research report on this topic will be published in January 2024 - for more information, visit here.
