Zero Trust Network Access (ZTNA) is a framework built on the simple, yet powerful, principle of “Never trust, always ...
Zero Trust Network Access (ZTNA) is a framework built on the simple, yet powerful, principle of “Never trust, always verify.”
Cisco takes this foundational approach one step further with its Universal ZTNA (UZTNA) solution, which allows Zero Trust concepts to work everywhere, across any application, for any user, and with any device.
What is Zero Trust Network Access?
Zero Trust Network Access ensures that users only gain access to the specific applications and data they need to successfully perform their jobs and nothing more. ZTNA follows, but isn’t limited to, the following principals:
- Eliminating Open Access: Instead of granting broad access to the network, ZTNA connects users directly to the applications they need.
- Continuously Verifying Trust: Even after user logs in, their device and behavior are continuously monitored.
- Providing Minimal Access to Resources: Users only gain enough access to perform their roles.
- Organizations can implement contextually-aware access decisions based on user identity, device health, location, and behavior.
- Adopting Zero Trust Network Access concepts reduces organizations’ attack surface, prevents lateral movement, and helps to proactively detect compromised accounts.
Cisco’s Universal ZTNA Solution (UZTNA)
Traditional ZTNA can be limiting, often suited for only Web and SaaS applications, which, in turn, requires multiple tools to secure different environments. Devices typically need to be managed to implement ZTA, Deployment of the solution is complex, Policy is fragmented, and Device Trust is only evaluated at a point in time during the initial login attempt.
Cisco’s Universal Zero Trust Network Access solution provides a more holistic and seamless approach to Zero Trust adoption and allows Zero Trust Access to extend to a multitude of environments – From home offices, branch locations, airplanes, and factories.
The “Universal” in UZTNA refers to the solution’s ability to Provide Zero Trust Access across all environments whether resources are in the public cloud, on-prem, legacy, SaaS or hybrid. Universal ZTNA also protects all users by providing Zero Trust Access to Employees, contractors, third parties, and even unmanaged BYOD devices. Additionally, it allows organizations to streamline their Access Policy within a single policy engine and applying them across the entire enterprise.
UZTNA also allows for both Agentless and Agent-Based Access options, allowing for full control with Cisco Secure Client or agentless access for vendors or BYOD devices.
Once users are permitted access to resources, UZTNA works to continuously verify trust by consistently checking for security posture, device risk, and behavioral anomalies.
This continuous verification allows the solution to also make contextually aware access decisions, such as providing access based on who the user is, what they’re using, where they are, and how they’re behaving.
Universal ZTNA - ZTNA Without the Limitations
Cisco Universal ZTNA is part of the Cisco Secure Access platform, which unifies your networking and security into a single solution. Secure Access integrates with other Cisco Security Solutions, such as Duo, Cisco Secure Firewall, and ThousandEyes, to strengthen the organization’s Security Posture.
The result is a solution that allows authenticates both user + device to provide secure, specific access to resources, while performing real-time security posture checks, enforcing adaptive access policies, and monitoring continuously for threats or anomalies.
Interested in implementing Universal ZTNA in your environment? Contact the ModernCyber team to receive a free scoping session!