{"id":163649,"date":"2022-06-15T10:16:03","date_gmt":"2022-06-15T17:16:03","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=163649"},"modified":"2022-06-15T10:16:03","modified_gmt":"2022-06-15T17:16:03","slug":"ztna-1-0-cant-secure-all-apps","status":"publish","type":"post","link":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/2022\/06\/ztna-1-0-cant-secure-all-apps\/","title":{"rendered":"ZTNA 1.0 Has an App Problem \u2014 It Can\u2019t Secure All Apps"},"content":{"rendered":"

<\/a>ZTNA 2.0 Protects All Enterprise Applications, Including Private Apps, Cloud Apps and SaaS<\/h3>\n

This is the final post of \u201c<\/em>ZTNA Straight Talk,<\/em><\/a>\u201d a 5-part series where we take a closer look at the five tenets of ZTNA 2.0, the new standard for securing access.<\/em><\/p>\n

It\u2019s no secret that the modern workforce relies on a plethora of applications to conduct practically all of their work. From video conferencing to document collaboration, instant messaging and CRM, the list goes on and on. Regardless of where these apps are hosted, workers require seamless, high-performance access to all of them.<\/p>\n

Security practitioners are tasked with keeping users, assets, apps and data safe. The promise of Zero Trust Network Access<\/a> (ZTNA) \u2013 providing access for a user to an application rather than broad access to a network \u2013 is supposed to help alleviate the challenges of achieving this. However, as we discussed previously, the implementation of ZTNA 1.0 has fundamental flaws. In addition to those mentioned previously, ZTNA 1.0 fails to enable consistent security because it only works with a subset of applications that the enterprise relies on.<\/p>\n

<\/a>ZTNA 1.0 Is Unable to Secure All Apps<\/h2>\n

The vision of consistent, fine-grained access to all applications can\u2019t be achieved with ZTNA 1.0. That\u2019s because ZTNA 1.0 solutions don\u2019t secure all apps. They don\u2019t support cloud-based apps or other apps that use dynamic ports or server-initiated applications \u2013 like support help desk apps that employ server-initiated connections to remote devices. ZTNA 1.0 solutions don\u2019t support SaaS apps, either.<\/p>\n

Modern, cloud-native apps are often comprised of many containers of microservices, often using dynamic IP addresses and port numbers. Implementing ZTNA 1.0 for this type of application is a recipe for disaster. ZTNA 1.0 becomes completely ineffective for these sorts of app constructs because it provides access to a broad range of IPs and ports, exposing the organization to additional risk and defeating the point of Zero Trust.<\/p>\n

As more and more organizations continue on their cloud journey and run their businesses on cloud-native applications, ZTNA 1.0 will become obsolete.<\/p>\n

<\/a>ZTNA 2.0 Provides Consistent Security for All Apps<\/h2>\n
\n