Our IT world is filled with acronyms, some of which, such as ZTNA, are old concepts with new names. The Zero Trust Network Access (ZTNA) concept is an extension of Zero Trust Architecture (ZTA), which suggests not trusting users' devices or the network they are connecting from. Authentication, Authorization & Accounting (AAA), which came out decades ago, addressed the same issue.
ZTNA requires all users to always authenticate themselves using software installed on their devices before using company resources. It supports both phones and laptops, as well as the BYOD concept. After authentication, based on their roles in their organizations, users are authorized to access certain on-prem or cloud applications or even the internet while their activities are constantly monitored. ZTNA also has continuous verification with re-logins when users change location, their devices go offline, or applications change state.
ZTNA is usually referred to as part of Secure Access Service Edge (SASE), which is a new network and cybersecurity architecture including SD-WAN, threat prevention, CASB, SGW, and more acronyms.
Some companies market ZTNA as the “VPN killer”. It is an absurd statement, since every ZTNA implementation uses a VPN protocol to securely connect remote users. Perhaps VPN as a form of network access is gone, since, once connected, it allows users to access everywhere, which is a major cybersecurity issue. But the Virtual Private Network (VPN), which is about virtually creating private networks on the Internet, will be with us forever. ZTNA, as opposed to traditional VPN connections, grants access only to allowed applications, computers, and sites. So it is more like an “evolution of VPN”.
Some reputable network vendors associate ZTNA only with remote users for various reasons, one of which could be their limitations in handling local users. However, ZTNA must handle all users everywhere, local or remote, with the same policies and rules. Due to this confusion, there is a new flavor of ZTNA called UniversalZTNA. Perhaps a new acronym, UZTNA :)
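The access model described above (authenticate first, authorize per application by role, force a re-login when location, device or application state changes, and apply one policy to local and remote users) can be expressed as a policy decision function. This is an added example, not code from any ZTNA product; the role names, application names, `Session` fields and the `decide` signature are all hypothetical.

```python
from dataclasses import dataclass, field

# Hypothetical role -> allowed applications map (constructed for illustration).
ROLE_APPS = {
    "engineer": {"git", "ci"},
    "finance": {"erp"},
}

@dataclass
class Session:
    user: str
    role: str
    authenticated: bool = False
    location: str = ""                              # location at last login
    app_state: dict = field(default_factory=dict)   # app -> state at last login

def login(session, location, app_states):
    """Record the context in which authentication was performed."""
    session.authenticated = True
    session.location = location
    session.app_state = dict(app_states)

def decide(session, app, location, device_online, app_states, on_lan=False):
    """Return 'allow', 'deny' or 'reauth' for one access request.

    on_lan is accepted but deliberately ignored: local and remote users
    are evaluated against the same policy.
    """
    if not session.authenticated:
        return "reauth"
    # Continuous verification: a change since login invalidates the session.
    if (location != session.location
            or not device_online
            or app_states.get(app) != session.app_state.get(app)):
        session.authenticated = False
        return "reauth"
    # Default deny: only applications listed for the role are reachable,
    # unlike a flat VPN where a connected user can reach everything.
    if app in ROLE_APPS.get(session.role, set()):
        return "allow"
    return "deny"

if __name__ == "__main__":
    states = {"git": "v1", "erp": "v1"}   # constructed sample state
    s = Session(user="alice", role="engineer")
    login(s, "office", states)
    for app, loc in [("git", "office"), ("erp", "office"), ("git", "cafe")]:
        print(app, loc, decide(s, app, loc, True, states))
```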
All of these new acronyms in the alphabet soup show that our cybersecurity world is still evolving. This is normal, as we are challenged with new attacks that use Machine Learning (ML) and run in stealth mode. As our defenses get stronger, we may get new acronyms coined by analysts and startups. But eventually most of them will be combined into a bigger and more confusing one.