The Fast Mode spoke to Kevin Sheu, Vice President of Product Marketing at Versa Networks on the impact of traffic visibility on ZTNA networks. Kevin joins us in a series of discussions with leading cybersecurity and networking vendors, assessing the evolution of ZTNA technologies, the roadmap for ZTNA deployments, the benefits of ZTNA for enterprise and telco networks, and the need for real-time traffic visibility technologies such as DPI for ZTNA.
Ariana: What do you consider are the core features (must have) of ZTNA?
Kevin: Zero Trust Network Access will continue to see accelerated adoption to enable secure access to networked services and applications based on strict identity verification. The core features of ZTNA include:
- Strict Identity Verification: ZTNA requires strong identity authentication before granting access to network resources.
- Least Privilege Access: Users are granted the minimum level of access required to perform their tasks.
- Continuous Monitoring and Adaptive Policies: ZTNA solutions continuously monitor user activities and network traffic. Access policies are dynamically adjusted based on user behavior, location, device health, and other contextual factors.
- Micro-Segmentation: The network is divided into smaller, isolated segments. Access to these segments is controlled and monitored, which limits the potential damage from breaches and reduces the attack surface. This principle reduces the risk of lateral movement within the network by an attacker.
- Device Posture Assessment: Before granting access, ZTNA solutions assess the security posture of the user’s device. This includes checking for up-to-date security patches, antivirus software, and other security controls.
- Granular Access Control: Access rights can be finely tuned to specific applications, data, or services rather than granting broad network access.
- Scalability and Flexibility: ZTNA solutions are designed to be scalable to accommodate a growing number of users and devices, and flexible enough to adapt to different organizational environments and needs.
Ariana: What’s in store for ZTNA vendors in the next 10 years?
Kevin: The future of ZTNA is likely to be shaped by several key trends and advancements that will empower organizations of different sizes and with varying security needs to effectively implement zero trust principles:
- Wider Adoption Across Industries: As cyber threats continue to evolve, industries that have been slow to adopt ZTNA may accelerate their adoption to protect sensitive data and critical infrastructure.
- Support for the Hybrid Workforce: Hybrid cloud and hybrid work have changed where and how users work. Cloud-delivered Zero Trust Network Access (ZTNA) solutions are widely adopted to secure remote work, but cannot deliver the application performance and inline policy enforcement needed for workers at the office. More options to deliver in-line Zero Trust policy enforcement for both remote workers and onsite/hybrid workers in campus and branch offices will become available.
- Advancement in Machine Learning and AI: The use of artificial intelligence (AI) and machine learning (ML) in ZTNA solutions will enhance their ability to detect anomalies, predict threats, and automate security processes. This can lead to more proactive security postures.
- Regulatory Influence: As governments and regulatory bodies become more aware of cybersecurity risks, they may start mandating the use of ZTNA frameworks in certain industries, especially those handling critical infrastructure or sensitive data.
- Enhanced User Experience: As ZTNA solutions mature, there will be a focus on improving the user experience, making these systems more transparent and less intrusive to end users while maintaining high security standards.
- Increased Integration and Automation: ZTNA solutions will likely become more integrated with other security tools such as Security Service Edge (SSE) platforms, Security Information and Event Management (SIEM) systems, and identity solutions. This integration and consolidation will facilitate more automated and dynamic security responses.
- IoT Security: With the growth of IoT devices, ZTNA will need to adapt to secure these new types of network edges and the data they handle.
Kevin Sheu is Vice President of Product Marketing at Versa Networks. Kevin previously ran product marketing and marketing teams at Bitglass, FireEye, Okta and Barracuda. He also served as a strategy and technology consultant for L.E.K. Consulting and Booz Allen Hamilton where he worked with Global 2000 companies, private equity firms and government clients in the areas of network architecture design, top-line growth, market entry execution, investment due diligence, and customer / profitability analysis. He holds undergraduate and graduate degrees in Computer Science from the Johns Hopkins University, as well as an MBA from MIT Sloan School of Management.
This interview is a part of The Fast Mode’s Next-Gen DPI Traffic Visibility for ZTNA segment, featuring over 40 leading cybersecurity and networking solution providers and their views on the importance of traffic visibility for ZTNA. A research report on this topic will be published in January 2024 – for more information, visit here.