The zero trust network access (ZTNA) market is an expanding one for both vendors and the channel, but there are problems.
Poor data traffic visibility is affecting 90.7% of ZTNA providers, compromising identity and context awareness that forms the basis of zero trust strategies, according to research.
The research also finds an overwhelming 92.6% of ZTNA providers anticipating a rise in security vulnerabilities due to inadequate visibility, with 55.6% of vendors expecting the implication to be “severe”.
The report, based on a survey of 55 leading ZTNA companies, was jointly conducted by deep packet inspection (DPI) software firm ipoque and The Fast Mode telecoms/IT publication.
Assessing network and traffic intelligence, that underpins the implementation of ZTNA, the report uncovers visibility challenges. ZTNA merges access control and security in a cloud-based model, leveraging principles such as network micro-segmentation and least privilege access (LPA) for end users.
“Trends in cloud, SaaS, work-from-anywhere (WFA) and IoT have made ZTNA indispensable,” said Ariana Leena Lavanya, principal analyst at The Fast Mode. “Continuous adaptive trust, which is central to any ZTNA execution, uses real-time traffic intelligence to form virtual network perimeters that deliver seamless and secure access to enterprise resources.”
However, visibility issues reported by ZTNA vendors stem from the explosive growth of traffic and application types, and the emergence of new encryption protocols such as TLS 1.3, QUIC and ECH, as well as various anonymisation and obfuscation techniques.
“Regardless of whether it is cloud, hybrid or on-premise ZTNA, ZTNA solution providers require advanced traffic detection techniques that can single out resources, devices, users, security status and irregularities. This is critical in executing fine-grained policies which are customised to different risk profiles and data sensitivity,” added Martin Mieth, VP of engineering at ipoque.
Without sufficient visibility, ZTNA vendors have to fall back on blanket access rules and generic security measures, which lead to more false positives, increased security vulnerabilities, network abuse and user experience issues, says the report.
DPI can offer behavioural, heuristics and statistical analysis, as well as machine learning (ML) and deep learning techniques to classify network traffic by protocols, applications and service types, even when encrypted.
Combining this with regularly updated libraries and metadata extraction can help ZTNA providers and users with much improved threat, anomaly and application awareness.
Other key topics such as security service edge's (SSE) impact on ZTNA, zero-trust implementation challenges and popular models for DPI deployment are also covered in the report.
The full report is available at www.ipoque.com/ZTNA-report
