The Fast Mode spoke to Anatoli Levine, Director of Products and Standards at Softil on the impact of traffic visibility on ZTNA networks. Anatoli joins us in a series of discussions with leading cybersecurity and networking vendors, assessing the evolution of ZTNA technologies, the roadmap for ZTNA deployments, the benefits of ZTNA for enterprise and telco networks, and the need for real-time traffic visibility technologies such as DPI for ZTNA.
Anatoli: With the advent of ubiquitous IP communications, numerous unbound IP networks are absolutely everywhere. Whether consciously or unconsciously, we access IP networks tens, maybe hundreds of times every day, both for business needs and in our private lives. These ubiquitous IP networks are becoming the fabric of our lives, its nervous system, flowing all vital information through them.
This vital information, data, becomes a new currency. And as such, it becomes an object of desire for bad actors - and it needs to be protected. The ubiquitous nature of IP networks, and the distributed nature of our modern workforce when data has to be available on premise and in the cloud means that securing information becomes an ultimate challenge. At the current point of network and data security evolutions, Zero Trust Network Access (ZTNA) is the latest line of defense. As the name says, when it comes to network access, we can have no trust - every access request has to be verified assuming the requestor can’t be trusted. When access request is made, everything matters - where is the request coming from, was such request made before by the same requestor from the same location, is requestor securely authenticated, is the request using known protocols, what is the risk level in granting the request and more. Considering the sheer number of factors which need to be taken into account, machine learning (ML) capabilities become a critical part of the ZTNA implementation. When implemented, instead of opening the door to the entire house as done with the standard VPN access, ZTNA enables secure access to individual resources and application while safeguarding the rest of the resources.
ZTNA solutions today are still in its infancy, despite being spoken about for the past four years. While the whole concept of ZTNA sounds very beneficial, the implementation, as you can imagine, is complex and far from straightforward. For example, it is critical to make sure that zero trust security will not become an impediment to critical data access at the moment when you need your data the most - only due to a deficiency of the machine learning algorithm. Deep packet inspection is considered an important part of ZTNA implementation - imagine that a new version application is deployed, and this new version has a new feature which sends brand new types of packets on the network - and your DPI software is not aware of these new types. You risk losing access to your data when you need it the most.
Zero Trust principals make perfect sense for securing access to our new currency - but we need to take time to ensure it is done right.
Anatoli Levine is Director of Products and Standards for Softil, Ltd., responsible for developing strategy and product roadmap for the Softil’s portfolio of enabling products for developers, including technologies such as Mission Critical Communications (MCC) over LTE and 5G, WebRTC, VoLTE/ViLTE/RCS, SIP, IMS and many others. Mr. Levine actively participates in the development of open international communication standards at industry bodies such as 3GPP, ETSI, IETF and other SDOs.
This interview is a part of The Fast Mode's Next-Gen DPI Traffic Visibility for ZTNA segment, featuring over 40 leading cybersecurity and networking solution providers and their views on the importance of traffic visibility for ZTNA. A research report on this topic will be published in January 2024 - for more information, visit here.
