Cloud security company Zscaler (NASDAQ: ZS) has announced three industry-first Zero Trust Network Access (ZTNA) technologies allowing IT and security teams to securely replace old firewalls and VPNs. It’s part of the Security Service Edge (SSE) framework developed by the firm.
With private application protection, integrated deception, and privileged remote access capabilities for business and OT systems, these advancements would create a new standard for ZTNA to limit the attack surface and prevent lateral movement, while also halting compromised users and insider threats.
Employees are now increasingly mobile, and critical applications have gone to the cloud, no longer living within the secure perimeter of the corporate network. Because of the fundamental shift to cloud and mobility, according to Zscaler, organizations are abandoning the legacy network-centric VPN approach in favor of a modern user- and app-centric security model that establishes a direct connection from user-to-application on a dynamic identity- and context-aware basis. This would deliver zero trust secure access to private applications.
“Demand for ZTNA is growing rapidly, though enterprises are now looking for solutions that can scale, support all use cases, and prevent threats in ways that legacy VPN tools never could,” said Christopher Rodriguez, Research Director, Security & Trust at IDC. “The new Zscaler ZPA capabilities address key requirements for enterprises that are taking the important step to modernize their security architecture.”
Zscaler’s innovations are aimed at strengthening the company’s cloud security platform and help solve modern business and security requirements. It’s done by using a holistic zero trust architecture to replace legacy VPNs and provide employees with advanced remote access solutions for unmatched security and superior user performance, with secure access to private apps using ZTNA as a key pillar of SSE. The following are three Zscaler developments that would advance and deliver on the promise of a “next-gen” ZTNA offering:
- Private App Protection – Zscaler’s technology would deliver new preventative and proactive security measures to prohibit compromised users and adversaries from abusing weak private applications and services, leveraging over ten years of inline inspection expertise in safeguarding internet traffic and SaaS apps. In-line inspection of private app traffic to block the most common attacks, including the OWASP Top 10, as well as constantly growing defenses from Zscaler’s ThreatLabz research team and custom signature support, are among these advancements.
- Integrated Deception – Native deception advances lateral movement detection for advanced assaults with built-in private app decoys. Through interaction with the Zscaler Zero Trust Exchange and security operations platforms, Zscaler’s technology would lower warning fatigue with high-confidence alerts created by decoys that rapidly detect and contain compromised user and insider threats.
- Privileged Remote Access for Industrial IoT and OT systems – Zscaler’s platform has been extended with Remote Desktop Protocol (RDP) and Secure Shell Protocol (SSH) support from unmanaged devices, for both IIoT/OT devices and private apps, building on our current browser-based access capabilities. These features would offer safe, direct remote access for third-party users, enabling enterprises to bring zero-trust connection to IoT and replace sluggish, expensive VDI solutions for private applications.
The new features from Zscaler would raise the bar for SSE and set a new benchmark for managing Secure Access Service Edge (SASE) architecture. Organizations may now get the additional features as part of Zscaler Private Access (ZPA) or as a standalone purchase, depending on the ZPA Edition they have.
“The volume of cyberattacks and data breaches has been rising across all industries with an escalating threat landscape rife with nation-state actors and sophisticated adversaries,” said Tony Paterra, Senior Vice President of Emerging Products at Zscaler. “As enterprise applications continue to move to the cloud and hybrid workplaces become the norm, a zero trust architecture is needed to support distributed users, devices, apps, and workloads. Our next-gen ZTNA approach is the simplest, most comprehensive approach to securely access private applications and transform legacy network security to minimize the attack surface and shutdown the most advanced attacks.”