In medieval times, kings protected themselves and their assets by locking them away in castles built with impenetrable walls. A moat with a drawbridge provided a single route into and out of the castle. Not long ago, corporate networks were designed the same way—a clear, defined network perimeter with gateway security.
Traditional VPN solutions operate much like the concept of the castle, moat, and drawbridge. They provide a way for the owner to restrict access into the castle. However, they both have similar flaws:
Digital transformation has forced technology to move rapidly, replacing the concept of a clearly defined network edge with many diverse network edges and applications and data distributed in many different locations, including the HQ and private and public clouds. With these distributed networks comes a need for a new, modern way of thinking about remote access to address the following concerns:
To meet organizations' need to provide secure and flexible connectivity to their hybrid workforce, regardless of where the user is connecting from, it is important to move away from the legacy idea of "implicit trust": the assumption that if a user is already inside the network, they can be trusted to access all applications and move around in an uncontrolled manner.
Zero-trust network access (ZTNA) augments traditional VPN technologies for application access by removing the excessive trust that legacy VPN requires to allow employees or partners to connect and collaborate. To achieve this, zero-trust network access solutions adhere to the following principles based on explicit trust:
Change can be difficult for both organizations and their users. The rapid pace of change due to digital transformation, the move to the cloud, and the shift to work from anywhere have created security risks for organizations and added complexity for users. To address the need for zero trust, Fortinet ZTNA adds strong context-aware security, delivered in a way that is simple and intuitive for the user, which can help resolve these issues.
The biggest benefit for the organization is that the ZTNA proxy needed to enforce this security policy is built into FortiOS version 7.0, so it can be leveraged with a simple upgrade. And because this is a technology many of our customers already have in place, they don’t need to adopt this across their whole infrastructure overnight. Instead, they can deploy it to specific user groups or applications in a controlled way to avoid potential disruption to the organization.
The move away from the office has been dramatic, with many users now choosing to remain working from home. But whether from home or on the road, they still need to be able to do their job without compromising security. Fortinet ZTNA allows users to work remotely while accessing corporate applications securely.
Fortinet ZTNA also helps control access to enterprise resources for the extended workforce including suppliers, partners, or potentially acquired companies, while maintaining strict access control.
This blog has demonstrated how zero trust solutions can be used to protect the modern workforce. In a future CTO Collective blog, we will see how the elements of the Fortinet Security Fabric come together to combine SD-WAN and SASE to deliver the Zero Trust Edge.