Zero trust architectures – with their “never trust, always verify” mantra – were supposed to bring greater security to corporate networks than VPNs could deliver to organizations dealing with a rapidly evolving attack surface.
In many ways they did, but they weren’t the fix-all that many vendors promised, according to Denny LeCompte, CEO of
Portnox.
In a blog post, LeCompte
called the VPN the “slightly-too-proud workhorse of remote access – trudging along, sweating profusely, slowing everything down, and occasionally taking a nap in the middle of a Zoom call. It was never great, but it was the only game in town.”
Zero trust network access (ZTNA) solutions promised a lightweight replacement that is secure, seamless, and smart, but too often “just rewrapped the same bloated experience with extra layers of complexity and confusion – hard to deploy, slow to run, and nearly impossible to troubleshoot.”
The Austin, Texas-based network access control (NAC) company has now launched its own ZTNA that LeCompte said fulfills many of the promises that came with zero trust but without the baggage that current ZTNA offerings carry.
“We called our new product ZTNA so that the right buyer would recognize it as an alternative to other ZTNA products,” the CEO told MSSP Alert. “But we did not build a clone of those products, and we didn’t just slap a ‘zero trust’ label on an old architecture. Our ZTNA offering is truly cloud-native, agentless, clientless, passwordless, and can be deployed in minutes, not months.”
A Unifying Solution
The offering unifies device visibility, risk posture assessment, policy enforcement, and secure access, all without agents, infrastructure, or VPNs, he added. It’s targeted at mid-market companies, “lean enterprises” with limited staff and hybrid workforces, and can be used by MSSPs and MSPs to deliver zero trust capabilities to their customers.
“Most vendors ask you to trade one complexity for another,” LeCompte said. “We’re building a unified zero trust access platform that actually simplifies access control, especially for resource-constrained IT and security teams.”
The global market for ZTNA solutions is expected to grow rapidly in the coming years, with Business Research Insights analysts predicting an expansion from $38.89 billion last year to
$261.74 billion by 2033. It’s also populated with some high-profile players, including
Cisco Systems,
Zscaler,
Cloudflare,
CrowdStrike, and
Palo Alto Networks.
From Detection to Prevention
The technology sprang from the need to shift the emphasis of security from threat detection to preventions, LeCompte said. Zero trust is a particular spin on preventing attacks.
“Zero trust focuses prevention on identity and compartmentalization as opposed to the old way of thinking about a defensive perimeter,” he said. “The perimeter is dead – or at least unrecognizable. The attack surface has expanded with hybrid work, BYOD, and
shadow IT. Security teams can’t assume that just because someone is inside the network, they can be trusted.”
Portnox ZTNA offers a range of advantages, including instant network access with minimal latency,
passwordless authentication, role- and location-based access controls to ensure users access only the resources they need, and endpoint posture checks to continuously verify the security compliance of devices before granting network access.
There also is automated remediation of non-compliant or risky endpoints, access to web-based applications, and no need for clients or agents. Instead, users can access internal web apps through browsers and URLs. In addition, organizations don’t have to change configurations to remote worker networks or corporate firewalls, according to the vendor.
“Use cases are broad but fall into a few buckets: enabling secure remote access to web-based applications, enforcing device posture and compliance before granting access, and replacing aging VPN infrastructure,” LeCompte said. “If you want to go passwordless, lock access to managed devices, kill your VPN, and still enforce zero trust policies – all without giving your IT team a migraine – this is for you.”
Good for MSSPs, MSPs
The new offering also gives MSSPs and MSPs another service they can offer customers. Most organizations Portnox works with don’t have the time or expertise to build and maintain a zero trust framework themselves, he said.
“MSSP clients have the same challenges as large enterprises,” LeCompte said. “They want to limit access to SaaS and hosted applications to just the people who need it. They want to enable their clients to eliminate passwords to all their apps. They want to replace legacy VPNs that are hard to manage and present their own security challenges. Our MSP and MSSP partners are not just reselling licenses, they’re delivering zero trust as a managed service.”
Portnox ZTNA makes it easy by delivering a cloud-native architecture that is multi-tenant, supports full automation through APIs, and requires no on-site infrastructure, allowing partners to spin up new customers, enforce policies, and manage access all from a single place, the CEO said.
Portnox ZTNA is part of the vendor’s Unified Access Control Platform, which also includes authentication, NAC, and TACACS+, a protocol used for securing network device access. Portnox also is offering a free version of its ZTNA that allows enterprises to connect users to unlimited web-based apps, though including only community support.