ZTNA 2.0 gains multicloud momentum in Palo Alto Networks’ customer base

Citing the safety, scale and velocity benefits of deploying zero-trust community entry 2.0 (ZTNA) in multicloud environments, Palo Alto Networks’ Ignite ’22 keynotes and breakouts declare the brand new customary is gaining momentum.

“All the intelligence that goes behind zero belief is definitely within the cloud, which signifies that when you operationalize us (Palo Alto Networks) in a single place or one kind issue, the following one is very easy,” Lee Klarich, chief product officer for Palo Alto Networks, mentioned throughout his keynote “Out-Innovating the Attackers” at Ignite ’22 final week.

ZTNA 2.0 is a brand new business customary proposed by Palo Alto Networks earlier this yr, primarily based on their perception that the prevailing zero-trust customary is simply too trusting, permitting for implicit belief gaps to occur on persistent connections.

Safety leaders who’re advocates of ZTNA 2.0 say there must be extra stringent enforcement of least-privileged entry from the third to the seventh layer of the OSI Mannequin. Advocates level to the shortage of real-time belief verification throughout the higher layers of the mannequin.

With greater than 61,000 energetic firewall clients in accordance with their Q1, FY 2023 quarterly outcomes presentation, Palo Alto Networks is ideally positioned to advertise a brand new zero-trust customary that capitalizes on steady monitoring and their experience in analyzing real-time community visitors.

Degree-setting expectations on ZTNA 2.0

It’s necessary to maintain the broader strategic initiatives of a company in thoughts when assessing ZTNA, ZTNA 2.0, and nil belief basically. Zero-trust frameworks are only once they assist, strengthen and shield new digital enterprise initiatives and safe digital organizations. Investing in cybersecurity and nil belief is a enterprise resolution integral to the longer term progress of any group. Getting it proper means tailoring zero belief to a enterprise’s distinctive safety and danger administration wants. 

VentureBeat spoke with a number of IT leaders at Ignite ‘22 who mentioned they’ve carried out Palo Alto Networks’ Prisma Cloud and are pursuing ZTNA 2.0 report progress. Most of them take care of multicloud and hybrid cloud infrastructure challenges that the mix of Prisma Cloud and ZTNA 2.0 assist resolve.

None, nevertheless, take into account ZTNA 2.0 the one-and-done answer to their zero-trust framework aims. Relatively, they want Prisma Cloud and ZTNA 2.0 to resolve complicated multicloud and hybrid cloud safety challenges that demand scale and velocity. 

SASE, multicloud deployments assist ZTNA 2.0 adoption

Palo Alto Networks contends that ZTNA 2.0 additionally permits customers entry to community sources from wherever through secured entry service edge (SASE), simplifies the necessity for conventional community perimeter controls, and that cloud-based deployment helps velocity up implementation instances. The corporate additionally claims that ZTNA 2.0 is healthier suited to integrating with identification entry administration (IAM), privileged entry administration (PAM), multifactor authentication (MFA), and different safety applied sciences all on a single platform.

That’s in keeping with one of many key messages to clients at Ignite ’22: That Palo Alto Networks must be their vendor associate for consolidating their tech stacks.

Palo Alto Networks additionally contends that its cloud platform method to ZTNA 2.0 simplifies zero belief by offering constant least privileged entry and steady monitoring throughout each identification and endpoint, or as Klarich mentioned in his keynote, kind elements.

“So when you concentrate on this method, what it means is you get the identical safety outcomes,” mentioned Klarich. “You get constant safety operations and administration. It’s optimizing the end-user expertise as a result of the customers get the identical expertise, regardless of the place they’re working from, which, after all, is much more necessary immediately than ever earlier than.”

Klarich additionally defined in his keynote how zero-trust cloud structure combines the corporate’s third and fourth technology {hardware} structure advances to supply efficiency beneficial properties regularly. Palo Alto Networks sees ZTNA 2.0 as greater than a framework; it’s their ecosystem for future progress the place their {hardware}, software program and cloud advances mix to ship higher worth than every element bought alone.

Why ZTNA 2.0 is gaining multicloud momentum

The commonest cause that clients say they undertake ZTNA 2.0 is to achieve higher visibility and management throughout a number of hyperscalers and cloud platforms whereas guaranteeing a constant safety coverage and safety posture. The Palo Alto clients that VentureBeat interviewed at Ignite ’22 mentioned their organizations adopted zero belief to enhance compliance and danger administration, enhance course of agility, and consolidate their legacy tech stacks.

Interviews and surveys validate that getting integration proper with ZTNA 2.0 is difficult, as is the method of implementing it as a framework throughout large-scale, distributed organizations. CISOs that VentureBeat spoke with at Ignite ’22 say it may be difficult to construct a whole zero-trust framework with only one vendor, particularly relating to endpoint safety.

As David Holmes, Forrester senior analyst, writes in The Forrester New Wave: Zero Belief Community Entry, Q3 2021, Palo Alto Networks “nonetheless wants to enhance endpoint providing, together with cellular. Prospects say the cellular expertise Prisma Entry nonetheless wants enchancment, and so they report some technical challenges with the endpoint software program for desktops and laptops.” 

Integration utilizing APIs is among the most difficult points of implementing ZTNA 2.0 primarily based on buyer interviews at Ignite ’22. 

What clients are saying about Prism Cloud and ZTNA 2.0

General, clients that VentureBeat spoke with are optimistic about their experiences with Prisma Cloud and ZTNA 2.0. One IT director instructed VentureBeat that overcoming the challenges of integrating Prisma Cloud with different apps and instruments within the safety tech stack was essentially the most difficult piece. Nonetheless, SASE was additionally core to their ZTNA 2.0 technique, and the implementation of that throughout distant workplaces went easily.

Different IT leaders instructed VentureBeat that Prisma Cloud is automating the thousands and thousands of safety updates per day in comparison with counting on patch prep and deployment automation. This alleviates the necessity to preserve the infrastructure with time-consuming processes and guide procedures.

One CISO that VentureBeat spoke with says the subscription mannequin for Prisma Entry may be difficult, and it’s finest to get assist in case you’re a first-time buyer attempting to determine it out. She additionally suggested that IT leaders watch out troubleshooting Prisma Entry as a result of it’s simple to by accident create a service interruption. Additionally, the CISO mentioned, Okta integration may very well be difficult, and Border Gateway Protocol (BGP) queries have been recognized to bathroom down if API integrations aren’t optimized.

The underside line is that Palo Alto Networks is succeeding with its consolidation technique of promoting ZTNA 2.0 inside its buyer base, emphasizing the safety, scale and velocity of Prisma Cloud because the deployment technique.

CISOs and IT administrators are after extra granular entry insurance policies that may be personalized to suit the wants of particular customers, teams and gadgets, giving them higher management over who can entry what assets. They’re additionally after simplified entry, improved usability, and more practical compliance reporting throughout their multicloud infrastructure.