Press release
Palo Alto Networks Calls on Cybersecurity Industry to Adopt ZTNA 2.0 -- Zero Trust with Zero Exceptions
First-gen ZTNA solutions have major gaps in security protection and can put organizations at significant risk SANTA CLARA, Calif., May 11, 2022 /PRNewswire/
About this update from Palo Alto Networks, Inc.
[{"type":"text","content":"First-gen ZTNA solutions have major gaps in security protection and can put organizations at significant risk \nSANTA CLARA, Calif., May 11, 2022 /PRNewswire/ -- Palo Alto Networks (NASDAQ: PANW), the global cybersecurity leader, today urged the industry to move to Zero Trust Network Access 2.0 (ZTNA 2.0) — the foundation for a new era of secure access. ZTNA was developed as a replacement for virtual private networks (VPNs) when it became clear that most VPNs did not adequately scale and were overly permissive, but the first-generation ZTNA products (ZTNA 1.0) are too trusting and can put customers at significant risk. ZTNA 2.0 solves these problems by removing implicit trust to help ensure organizations are properly secured.\n\"This is a critical time for cybersecurity. We are in an era of unprecedented cyberattacks, and the past two years have dramatically changed work — for many, work is now an activity, not a place. This means that securing employees and the applications they need is both harder and more important,\" said Nir Zuk, founder and chief technology officer at Palo Alto Networks. \"Zero trust has been embraced as the solution — and it is absolutely the right approach! Unfortunately, not every solution with Zero Trust in its name can be trusted. ZTNA 1.0 — for example — falls short.\"\nFor modern organizations where hybrid work and distributed applications are the norm, ZTNA 1.0 has several limitations. It is overly permissive in granting access to applications because it can't control access to sub-applications or particular functions. Additionally, there is no monitoring of changes in user, application or device behavior, and it can't detect or prevent malware or lateral movement across connections. ZTNA 1.0 also cannot protect all enterprise data.\nZTNA 2.0-capable products, such as Palo Alto Networks Prisma® Access, help organizations meet the security challenges of modern applications, threats and the hybrid workforce. ZTNA 2.0 incorporates the following key principles:\nLeast-privileged access — enables precise access control at the application and sub-application levels, independent of network constructs like IP addresses and port numbers.Continuous trust verification — after access to an application is granted, continuous trust assessment is ongoing based on changes in device posture, user behavior and appli...