Zero trust network access (ZTNA) is an element of zero trust access that focuses on controlling access to applications. ZTNA extends the principles of zero trust access (ZTA) to verify users and devices before every application session. This confirms that they meet the organization’s policy to access that application.
Starting with the FortiOS 7.0 release, ZTNA capabilities are enabled on any device or service running FortiOS. This includes hardware appliances, virtual machines in clouds, or even the FortiSASE service.
A FortiGate next-generation firewall and the FortiClient ZTNA agent are all that’s needed for your organization to enable more secure access and a better experience for your remote users, whether on or off the network. These benefits are compelling many organizations to shift from VPN to ZTNA.
View by:
A key element of the ZTNA concept is the location independence of the user. The application access policy and verification process is the same whether the user is on the network or off the network. Users on the network have no more trust than users that are off the network.
Because users might be off the network, Fortinet ZTNA includes a secure, encrypted tunnel for connectivity from the user device to the ZTNA application proxy point. The automatic nature of this tunnel makes it easier to use than traditional VPN tunnels, improving user experience.
Better security is also delivered by Fortinet ZTNA. It puts applications behind a proxy point, hiding them from the internet. Only those users who have been verified can gain access to those applications.
Fortinet ZTNA reduces your attack surface and simplifies the management of application access at the same time.
Fortinet ZTNA reduces your attack surface by:
Fortinet ZTNA simplifies management by enabling administrators to easily configure and enforce role-based access control for users and applications with a policy that is the same no matter where the user is located.
