Palo Alto Networks urged the industry to adopt Zero Trust Network Access 2.0 (ZTNA 2.0), which it described as the foundation for a new era of secure access. When it became clear that most VPNs did not adequately scale and were overly permissive, ZTNA was developed as a replacement, but the first-generation ZTNA products (ZTNA 1.0) are overly trusting and can put customers at risk. ZTNA 2.0 addresses these issues by removing implicit trust, allowing organizations to be properly secured.
“We are living in a critical period for cybersecurity. We live in an era of unprecedented cyberattacks, and the last two years have dramatically altered work — for many, work is now an activity rather than a location. This means that securing employees and the applications they require is both more difficult and more critical,” said Nir Zuk, Palo Alto Networks’ founder and chief technology officer. “Zero trust has been accepted as the solution — and it is absolutely correct! Unfortunately, not every solution with the name Zero Trust can be trusted. For example, ZTNA 1.0 falls short.”
For modern organizations where hybrid work and distributed applications are the norm, ZTNA 1.0 has several limitations. It is overly permissive in granting access to applications because it can’t control access to sub-applications or particular functions. Additionally, there is no monitoring of changes in user, application or device behavior, and it can’t detect or prevent malware or lateral movement across connections. ZTNA 1.0 also cannot protect all enterprise data.