Demystifying Zero Trust Network Access 2.0

Existing Zero Trust Network Access (ZTNA) approaches have growing shortcomings, leaving threat surfaces unprotected and businesses at risk. The pursuit of ZTNA 1.0 frameworks also leads to application proliferation, more complex technology stacks, and unprotected SaaS applications, three things that CISOs strive to avoid.

The creators of ZTNA 2.0 at Palo Alto Networks released the framework earlier this year to address gaps they see in customers' ZTNA 1.0 frameworks. They also launched a new Zero Trust marketing campaign, with an ad featuring award-winning actress Gillian Anderson.

In urging the cybersecurity industry to embrace ZTNA 2.0, Palo Alto Networks outlines how existing ZTNA approaches validate logins through a Cloud Access Security Broker (CASB) once and then assume the connection can be trusted indefinitely.

Another growing gap is the number of applications and endpoints that use dynamic ports and require a range of IP addresses to operate. The TCP/IP and TCP/UDP protocols provide coarse access privileges at the packet level; they cannot be used to define access at the sub-application or application level, as these protocols were not designed for this purpose.

The Dynamic Host Configuration Protocol (DHCP) is also commonplace in virtual workforces. ZTNA 2.0 proponents argue that the inherent structure of DHCP connections means that, once approved through CASB authentication, they could be breached to launch man-in-the-middle, sniffing, and reconnaissance attacks.

These risks lead Palo Alto Networks to promote ZTNA 2.0. Two primary goals of ZTNA 2.0 are to perform continuous trust verification and security inspection of all traffic against all threat vectors.
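
The contrast described above, as an added example that is not taken from the article or from Palo Alto Networks: a connect-time-only check on IP and port versus re-verifying device posture and application-level entitlement on every request. The rule formats, field names, user, application labels and the sample session are all constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Request:
    t: int                  # seconds since session start (constructed)
    user: str
    src_ip: str
    dst_port: int
    app: str                # application label (hypothetical)
    action: str             # sub-application function, e.g. "read" or "export"
    device_compliant: bool  # posture signal at the time of this request

# Coarse layer 3/4 rule: source network and destination port only (assumed values).
L4_NET = ipaddress.ip_network("10.8.0.0/16")
L4_PORT = 443

# Application-level entitlements: (user, app) -> permitted actions (assumed values).
APP_POLICY = {("alice", "crm"): {"read", "update"}}

def l4_match(req):
    return ipaddress.ip_address(req.src_ip) in L4_NET and req.dst_port == L4_PORT

def allow_once(session):
    """Verify only the first request, then trust the rest of the connection."""
    if not session:
        return []
    admitted = l4_match(session[0]) and session[0].device_compliant
    return [admitted for _ in session]

def continuous(session):
    """Re-verify posture and per-action entitlement on every request."""
    decisions = []
    for req in session:
        allowed = APP_POLICY.get((req.user, req.app), set())
        decisions.append(l4_match(req) and req.device_compliant and req.action in allowed)
    return decisions

def divergences(session):
    """Timestamps the one-time model admits but continuous verification denies."""
    pairs = zip(session, allow_once(session), continuous(session))
    return [req.t for req, once, cont in pairs if once and not cont]

# Constructed session: same IP and port throughout, so the L4 rule never changes its mind.
SESSION = [
    Request(0, "alice", "10.8.0.5", 443, "crm", "read", True),
    Request(60, "alice", "10.8.0.5", 443, "crm", "export", True),   # action not entitled
    Request(120, "alice", "10.8.0.5", 443, "crm", "read", False),   # posture degraded mid-session
    Request(180, "alice", "10.8.0.5", 443, "crm", "update", True),
]

if __name__ == "__main__":
    print(allow_once(SESSION), continuous(SESSION), divergences(SESSION))
```
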

Why ZTNA 2.0 Now

The essence of ZTNA's current weaknesses lies in the vulnerability of applications, platforms, and network connections that rely on the lower levels of the OSI model to connect within an enterprise. The creators of ZTNA 2.0 claim that connections, endpoints (both human and machine), network traffic, and integrations that pass over the third and fourth layers of the OSI model are still susceptible to breach.

In effect, the traffic on these model layers relies on the basic components of the TCP/UDP network protocols. They also rely solely on IP addresses to define physical paths.

ZTNA critics say it is particularly difficult to enforce least-privilege access and real-time trust verification. On the other hand, Palo Alto Networks says the exponential increase in virtual workforces, heavy reliance on hybrid cloud infrastructure, and new digital-centric business models are compressing the...
