<ciso brief />

All news with #ztna tag

8 articles

From Legacy VPNs to Agile SASE: De-risking Zero Trust

🔁 Cloudflare and CDW present a pragmatic, phased approach to migrate from legacy VPNs to a SASE-based Zero Trust architecture, prioritizing coexistence over disruptive cutovers. Their methodology uses a risk-aware, tiered application classification and Cloudflare Access wrapping to add SSO, MFA, and outbound-only tunnels without rewriting legacy code. The approach couples a pre-migration audit with staged pilots and dual-client rollouts to preserve service continuity and provide rollback paths.

Joint Vision: Simplified SASE Management at Scale Now

🔧 Palo Alto Networks, ServiceNow, and Bell Canada have built a ServiceNow application that automates the full lifecycle of Prisma SASE, creating a direct bridge between security operations and service management. The Prisma SASE app accelerates deployment from months to hours by automating Day 0–Day N tasks—provisioning, ZTNA connector setup, and mobile user workflows—while eliminating swivel-chair operations by syncing incidents into a single ServiceNow interface. ServiceNow’s Service Bridge enables cross-instance support for MSPs and the app supports direct CSP ticket creation, reducing MTTR and operational overhead.

NSA Publishes Phased Zero Trust Implementation Guidelines

🔐 The NSA has released new Zero Trust Implementation Guidelines (ZIGs) introducing Phase One and Phase Two to help organisations progress from Discovery to target-level zero trust maturity. Phase One establishes a secure baseline with 36 activities supporting 30 capabilities, while Phase Two adds 41 activities to enable 34 additional capabilities and integrate solutions across component environments. The guidance emphasises continuous authentication and post-login evaluation, aligns with NIST SP 800-207 and other federal frameworks, and is designed as a modular, tailorable approach for skilled practitioners.

Adopting Remote Privileged Access: The Shift to RPAM

🔒 Remote Privileged Access Management (RPAM) provides a cloud-native approach to securing privileged accounts beyond traditional perimeters, enabling administrators, contractors and third-party vendors to connect securely from any device or location. RPAM enforces least-privilege, Just-in-Time access and multi-factor authentication while recording detailed session logs without relying on VPNs. By supporting zero-trust principles and scalable deployments, RPAM reduces attack surface and streamlines compliance.

AWS Site-to-Site VPN: New VPN Concentrator for Multi-site

🔒 AWS Site-to-Site VPN introduces VPN Concentrator, a managed feature that simplifies multi-site connectivity for distributed enterprises. It enables customers to aggregate up to 100 low-bandwidth remote sites (recommended for deployments of 25+ sites, each under 100 Mbps) behind a single attachment to AWS Transit Gateway. The concentrator reduces operational overhead, improves bandwidth utilization, and lowers per-site VPN costs.

Simplifying Zero Trust Contractor Access with Secure Browser

🔒 A secure enterprise browser provides a practical, cost-efficient Zero Trust approach to managing contractor access, reducing reliance on complex VPNs and broad network privileges. By isolating sessions and enforcing granular policies per user and resource, organizations can grant contractors only the access required for their role. This reduces attack surface, simplifies administration, and lowers operational costs while supporting both short-term and long-term engagements.

Route Cloudflare Tunnel Traffic by Hostname, Not IP

🔒 Cloudflare now lets administrators route traffic to a Cloudflare Tunnel by hostname or domain, removing the need to track changing IP addresses. By binding hostnames or wildcard domains to tunnels and writing Access or Gateway policies, teams can enforce per-resource zero-trust rules and secure egress without touching IP lists. Gateway uses synthetic initial IPs to tag hostname intent at Layer 4, map traffic back to private IPs, and forward it through the correct tunnel.

88% of CISOs Struggle to Implement Zero Trust Programs

🔒 An Accenture report finds 88% of security leaders face significant challenges implementing zero trust. Respondents point to varying definitions, broad deployment scope across on-prem, cloud, IoT and legacy systems, poor visibility into data flows and device/user state, and resistance from business units. Experts recommend phased, use-case-driven rollouts and strong executive sponsorship, while noting meaningful programs can take years and may never be fully complete.