Secure Access / ZTNA 2.0

Florian Reinholz / 21.11.2023

Secure Access / Zero Trust Network Access 2.0

In the modern age of technology, safeguarding data has become a top priority for both individuals and businesses. Faced with the increasing frequency of cyber threats and data breaches, ensuring secure access to confidential information is imperative.

Zero Trust

Zero Trust Network Access (ZTNA) strengthens secure access with an additional layer of security. Even if a user has the correct credentials, they must still be authorized for each resource they intend to access. This reduces the risk of unauthorized access, even in cases where a user's credentials are compromised.

Limitations of ZTNA 1.0

ZTNA 1.0 has several drawbacks for modern organizations where distributed applications and hybrid work are the new norm. It cannot restrict access to specific features or sub-applications, which makes it overly permissive when accessing applications. Additionally, there is no monitoring of changes in user, application, or device behavior, and malware or lateral movement across connections cannot be detected or stopped. ZTNA 1.0 is also incapable of protecting all enterprise data.

Benefits of ZTNA 2.0

By addressing the shortcomings of ZTNA 1.0, ZTNA 2.0 fulfills the promise of a true Zero Trust architecture.

ZTNA 2.0 aims to provide the following to completely eliminate the inadequacies of ZTNA 1.0 approaches:

  • Least-Privileged Access: Identify applications based on App IDs at Layer 7. This enables precise access control at the app and sub-app levels, independent of network constructs like IP and port numbers.
  • Continuous Trust Verification: Once access to an app is granted, trust is continuously verified based on changes in device posture, user behavior, and app behavior. If suspicious behavior is detected, access can be revoked in real-time.
  • Continuous Security Inspection: Conduct thorough and ongoing inspection of all traffic, even on permitted connections, to prevent all threats, including zero-day threats. This is especially crucial in scenarios where legitimate user credentials are stolen and used for attacks on applications or infrastructure.
  • Protects all Data: Apply unified data controls for all applications used in the enterprise, including private applications and SaaS, with a single DLP policy.
  • Secures all Apps: Consistent protection for all applications used in the enterprise, including modern cloud-native applications, older private applications, SaaS applications, and those using dynamic ports and server-initiated connections.

ZTNA 1.0 often falls short of its promise: ZERO TRUST. As the connection in ZTNA 1.0 solutions is implicitly trusted indefinitely once access is granted, sophisticated threats and/or malicious actions and behaviors can easily exploit the situation. It is crucial to introduce a new ZTNA strategy, known as Zero Trust 2.0, built from the ground up to address the unique challenges of modern applications, threats, and a hybrid workforce.
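The contrast between the two models described above, sketched as an added example (not code from dynexo or from any ZTNA product). The policy table, signal fields, risk threshold and function names are assumptions made for illustration, and the requests are constructed.

```python
from dataclasses import dataclass

# Constructed sample policy: user group -> app ID -> permitted sub-app functions.
POLICY = {
    "finance": {"erp": {"view-invoice", "approve-invoice"}},
    "support": {"erp": {"view-invoice"}, "chat": {"post", "read"}},
}
RISK_LIMIT = 70  # assumed threshold for the behaviour score

@dataclass
class Signals:
    """Hypothetical trust signals re-collected on every request."""
    device_compliant: bool  # e.g. disk encryption on, endpoint agent running
    behaviour_risk: int     # 0-100 score from user/app behaviour analytics

@dataclass
class Session:
    user: str
    group: str
    revoked: bool = False

def ztna1_allow(session_established: bool) -> bool:
    """ZTNA 1.0 model: once the connection is granted, everything on it passes."""
    return session_established

def ztna2_allow(session, app_id, sub_app, signals) -> bool:
    """ZTNA 2.0 model: check sub-app entitlement and current trust on each request."""
    if session.revoked:
        return False
    if not signals.device_compliant or signals.behaviour_risk > RISK_LIMIT:
        session.revoked = True  # revoke in real time; trust must be re-established
        return False
    return sub_app in POLICY.get(session.group, {}).get(app_id, set())

def compare(session, requests):
    """Return (ZTNA 1.0 decision, ZTNA 2.0 decision) for each request in order."""
    return [(ztna1_allow(True), ztna2_allow(session, a, s, sig)) for a, s, sig in requests]

# Constructed request sequence for one user session.
REQUESTS = [
    ("erp", "view-invoice", Signals(True, 10)),     # entitled, healthy device
    ("erp", "approve-invoice", Signals(True, 10)),  # sub-app outside entitlement
    ("erp", "view-invoice", Signals(False, 10)),    # posture changed mid-session
    ("erp", "view-invoice", Signals(True, 10)),     # posture restored, session already revoked
]

if __name__ == "__main__":
    for old, new in compare(Session("alice", "support"), REQUESTS):
        print(f"ZTNA 1.0: {old}  ZTNA 2.0: {new}")
```

The last request shows the revocation sticking: a session revoked after a posture change is not silently restored when the signal recovers.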

dynexo Secure Access

The dynexo Secure products have evolved from concept to real solutions through years of experience in IT and cybersecurity. Over several years, solutions have been implemented in enterprises and SMBs, always pursuing the principle of indirect dependency.

Whether it's a firewall, VPN, or proxy, building competencies and entering expensive service contracts has always been necessary. With our swarm Stack, consisting of Transport, Broker, Controller, Relay, Client, and Agent, we have implemented the principle of Zero Trust 2.0 uncompromisingly.

Our Secure Access product already incorporates all the features of Zero Trust 2.0. Our web proxy solution is also integrated into the swarm Stack. We are actively working on additional interfaces and will offer our Gateway and Edge products in the coming months. Our Gateway solution is already available and has been tested successfully in initial customer tests.

With our products, we will realize Zero Trust 2.0 as the standard for secure data communication.