
ZTNA's Crucial Role in Modern Enterprise Security


The Fast Mode spoke to Sandip Kumar Panda, Founder and CEO of InstaSafe Technologies, on the impact of traffic visibility on ZTNA networks. Sandip joins us in a series of discussions with leading cybersecurity and networking vendors, assessing the evolution of ZTNA technologies, the roadmap for ZTNA deployments, the benefits of ZTNA for enterprise and telco networks, and the need for real-time traffic visibility technologies such as DPI for ZTNA.

Ariana: Why is ZTNA the future of enterprise security?

Sandip: Traditional network security models relied on a well-defined perimeter, assuming that everything inside the network was trusted, and anything outside was not. As more and more employees are adapting to hybrid work environments, data servers are moving from on-premises to the cloud, applications are getting hosted on the cloud, and applications are getting accessed from mobile devices, the concept of perimeter-based security is no longer relevant, making the traditional security model inadequate. There is a need for a better security model that can cater to perimeterless security environments, and Zero Trust Network Access (ZTNA) is well suited to address these new-age, evolving security threats.

ZTNA is built on the philosophy of "never trust, always verify." It does not rely on the assumption of trust based on location or network segment. It requires continuous verification of the identity and security posture of users and devices before granting access to resources, whether they are on-premises or in the cloud.

ZTNA is adaptable to the dynamic nature of modern businesses. It can easily scale to accommodate remote workers, contractors, and the growing number of devices and cloud resources, all while maintaining a high level of security. Through micro-segmentation and the principle of least privilege, ZTNA reduces the attack surface by restricting access to only what is necessary, limiting lateral movement within the network, and preventing attackers from moving freely once they gain access. ZTNA is designed to adapt to evolving cyber threats. Its continuous monitoring and verification mechanisms help organizations detect and respond to security incidents more effectively. In a world where cyber threats are increasingly sophisticated and pervasive, ZTNA represents a more mature and proactive approach to cybersecurity. It acknowledges that breaches can and will occur, and focuses on minimizing their impact through rigorous access control and monitoring.

Ariana: What challenges do you see across ZTNA deployments?

Sandip: Quite often, IT leaders feel a Zero Trust solution is a silver bullet and can solve all the challenges concerning remote access. But in reality, Zero Trust solution adoption is a journey, and successful deployment of Zero Trust needs proper assessment of existing IT infrastructure. Based on the assessment, organizations can understand their current IT infrastructure maturity, and deployment needs to happen accordingly. Assessment needs to be done with the help of a Zero Trust vendor. So, it is quite essential to select the right Zero Trust vendor for partnership.

While choosing the right ZTNA vendor, it is important to keep a few critical aspects in mind, as it directly impacts the effectiveness and security of your network access control. Organizations need to have clearly defined objectives and a specific goal they want to attain with Zero Trust. They need to identify the use cases for ZTNA within your organization and determine whether they need ZTNA for remote access, partner/vendor access, or internal network segmentation. Zero Trust is a combination of solutions and it can solve a variety of use cases. Each use case may have different requirements.

Implementing ZTNA is a joint effort between organizations and the vendor. Organizations need to define and share their success criteria of the deployment with the vendor, and both parties need to work together to make it successful.

Ariana: What do you consider are the core features (must have) of ZTNA?

Sandip: Zero Trust is a combination of solutions that aims to provide comprehensive security encompassing the security of users, devices, applications, data, networks, and infrastructure with reporting and visibility capabilities. Zero Trust Network Access focuses on securing the network and minimizing the attack surface by maintaining strict access controls and ensuring that only the right users with the right device get access to the right network segment.

Important features of Zero Trust Network Access (ZTNA) include:

  • Identity and Access Management: ZTNA relies on strong authentication mechanisms that include Multi-factor Authentication (MFA), Single Sign On, and Passwordless Authentication. Support for integration of various directory services (AD / LDAP / Google Workspace / O365).
  • User and Device Lifecycle Management: ZTNA should support the onboarding, offboarding, and management of users and devices throughout their lifecycle to ensure proper access control.
  • Contextual Access Control: Access decisions are based on contextual information, such as user roles, device health, geolocation, and the sensitivity of the resource being accessed. This ensures that access policies can adapt to different circumstances and that access is granted based on contextual information.
  • Granular Policy Management: Administrators can define and manage access policies with granularity, allowing them to specify which type of user can access what resources under which conditions.
  • Micro-Segmentation: ZTNA often involves segmenting the network into smaller, isolated zones, making it more difficult for attackers to move laterally within the network if they gain access to a single zone.
  • Continuous Monitoring and Assessment: ZTNA continuously monitors and assesses user activity and device behavior to detect any suspicious or anomalous activity. This includes real-time threat detection and response.
  • Secure Connectivity: ZTNA solutions often employ encrypted tunnels (e.g., TLS or VPNs) to ensure secure communication between users/devices and resources, even when accessed over untrusted networks like the internet.
  • Integration Capabilities: ZTNA solutions should integrate with existing security tools and systems, such as identity and access management (IAM), SIEM (Security Information and Event Management), and endpoint security solutions.
  • Scalability and Flexibility: ZTNA solutions should be scalable to accommodate the needs of both small and large organizations. They should also be flexible enough to work with a variety of applications and resources, including on-premises and cloud-based.
  • Compliance and Reporting: ZTNA should support compliance requirements by providing audit trails, logs, and reporting capabilities to demonstrate adherence to security policies and regulatory mandates.
  • Threat Intelligence Integration: The ability to incorporate threat intelligence feeds and analytics to enhance the detection and response capabilities of ZTNA solutions.

All these features collectively make ZTNA an effective solution for organizations to protect their network resources against security threats arising from the changing landscape of the modern hybrid workforce.

This interview is a part of The Fast Mode's Next-Gen DPI Traffic Visibility for ZTNA segment, featuring over 40 leading cybersecurity and networking solution providers and their views on the importance of traffic visibility for ZTNA. A research report on this topic will be published in January 2024.

Author

Principal Analyst and Senior Editor | IP Networks

Ariana specializes in IP networking, covering both operator networks - core, transport, edge and access; and enterprise and cloud networks. Her work involves analysis of cutting-edge technologies that drive application visibility, traffic awareness, network optimization, network security, virtualization and cloud-native architectures.

She can be reached at ariana.lynn@thefastmode.com
