The concept of zero trust has gained a lot of excitement in recent years. A zero trust architecture assumes an inherently hostile network and treats every user request as an external party. This practice has been crucial to secure increasingly remote, cloud-based working arrangements, especially as broken access control remains a top threat to modern IT.
Most organizations now understand the imperative to implement zero trust. However, it’s tricky to build a simple zero-trust architecture without negatively impacting application performance. This issue has worsened as most vendor solutions utilize costly network-based systems that create a bottleneck (not to mention a high-value attack target) as they rely on a single tunnel to enterprise application environments. For most scenarios, an application-based proxy is better suited to enable zero trust with less complexity and higher performance.
Below, we’ll compare and contrast two emerging variants of zero trust architecture: Zero Trust Network Access (ZTNA) and Zero Trust Application Access (ZTAA). We’ll identify the benefits and drawbacks of each approach and highlight use cases for each.
Top comments (1)
Hi there, we encourage authors to share their entire posts here on DEV, rather than mostly pointing to an external link. Doing so helps ensure that readers don’t have to jump around to too many different pages, and it helps focus the conversation right here in the comments section.
If you choose to do so, you also have the option to add a canonical URL directly to your post.