Absolute Software named a Representative Vendor in 2023 Gartner® Market Guide for Zero Trust Network Access

Readers Gain Practical Understanding of How ZTNA is Transforming Network Security and Compliance in the Modern Digital World 

The modern business landscape has drastically evolved. Organizations have fully adopted digital transformation, migrated hefty amounts of their infrastructure and workloads to the cloud, and expanded their networks and connections to account for the new reality of remote and mobile work.

To account for the security and compliance challenges the new digital landscape has created, enterprises are adopting new products, services, and strategies. Zero Trust Network Access (ZTNA) has emerged to deliver optimized digital experiences, always-on connectivity, robust security, and the resilience needed to withstand relentless attacks while adhering to stringent regulations. 

ZTNA Defined

Zero Trust is a strategic approach to security and compliance. It helps to ensure that access to systems and data is only granted to specific groups of individuals and technologies in use, thus reducing the likelihood of data and systems falling into nefarious hands.

 ZTNA is key to enabling effective Zero Trust. It is a product or service that creates a secure connection between users, applications, data, and devices. As an enabler of the widely accepted “never trust, always verify” approach to security and compliance, it goes beyond traditional VPN, firewall, and password solutions.

To help security and risk management leaders evaluate ZTNA offerings as part of a security service edge (SSE) strategy Gartner, a company that delivers actionable, objective insight to executives and their teams has published its 2023 Gartner Market Guide for Zero Trust Network Access (ZTNA). According to the research:

Gartner defines zero trust network access (ZTNA) as products and services that create an identity and context-based, logical-access boundary that encompasses an enterprise user and an internally hosted application or set of applications. The applications are hidden from discovery, and access is restricted via a trust broker to a collection of named entities, which limits lateral movement within a network. 

ZTNA: Changing the Way We Approach Security

ZTNA is revolutionizing how organizations approach network security and user access. At its core, ZTNA is delivering numerous benefits and addressing a wide array of enterprise use cases, with ROI proven across all of these. In fact, ZTNA has earned the designation of leading category within most analyst houses due to the level of maturity it has attained. 

ZTNA: Key Benefits 

Although the array of top advantages ZTNA is known for are too vast to list in a single blog post, Gartner highlighted several in their new Market Guide. Among these were:

• “Provision of contextual, risk-based and least-privilege access to applications (not networks).
• Ability to move applications exposed in demilitarized zones (DMZs) off the public internet to reduce an organization’s attack surface.
• Improved end-user experience for native access to applications.
• Agility to support direct access to applications hosted in public and hybrid clouds.
• Scalability in comparison with legacy, hardware-based remote access VPN approaches.
• Support for digital business transformation scenarios ill-suited to legacy full tunnel access approaches when applications are delivered as SaaS via public and hybrid clouds. As a result of digital transformation efforts, most enterprises will have more applications, services and data outside their borders than inside.”

ZTNA: Top Use Cases 

As ZTNA widens its sphere of influence, security and risk professionals continue applying it to increasing challenges. Similarly, the number of uses cases has grown beyond quantification here, but there are several identified in the Gartner Market Guide:

• “Opening applications and services to named collaborative ecosystem members, such as distribution channels, suppliers, contractors and retail outlets, without requiring a VPN or DMZ.
• Deriving personas from user behavior. For example, if a user’s phone is in one country but their PC is in another country, and both are attempting to log on at the same time, legitimate access should be permitted, while compromised devices should be blocked.
• Carrying encryption all the way from the endpoint to the ZTNA gateway (which may run on the same server as the application it protects) for scenarios where the local wireless hot spot, carrier or cloud provider is not trusted.
• Providing application-specific access for IT contractors and remote or mobile employees as an alternative to full tunnel-network-based remote VPN access.
• Controlling administrative access to applications, such as IaaS/platform as a service (PaaS)applications, as a lower-cost alternative to full PAM tools.
• Extending access to an acquired organization without having to combine networks, combine directories or configure site-to-site VPN and firewall rules.
• Isolating high-value enterprise applications in the network or cloud to reduce insider threats and enable separation of duties for administrative access.
• Authenticating users on personal devices — ZTNA can improve security and simplify BYOD programs by reducing full-management requirements and enabling more secure direct application access.
• Protecting internal systems from hostile networks, such as the public internet, by removing inbound access (using long-lived outbound listeners on port 443), thus reducing the attack surface.”

If you're currently relying on legacy VPNs, consider ZTNA as a replacement, especially for specific user groups like contractors, third parties, and your growing remote employee base or mobile workers. The shift towards ZTNA not only enhances security but also aligns organizations with a broader Zero Trust networking strategy.

ZTNA: Don’t Forget Resilience

While ZTNA is a game-changer, it's crucial to recognize that it's a component — albeit a pivotal one — of a broader Zero Trust strategy. There is no such thing as set-it-and-forget-it security, nor are Zero Trust and ZTNA the components necessary to protect assets in today’s complex digital ecosystem. As demands for capabilities such as resilience move into the mainstream, it is more important than it has ever been to make sure all security controls in place operate with maximum efficacy and always-on accountability. The best strategies and products can’t deliver any value if they are turned off. 

ZTNA: Absolute’s Role 

The rise of ZTNA underscores an industry-wide shift towards more secure, agile, and user-centric network access solutions. As digital borders expand and blur, embracing ZTNA is no longer optional but imperative for organizations aiming for growth, agility, security, and resilience. 

Absolute Software was pleased to again be recognized in list of Representative Vendors. As the market widens and more competitors enter the field, we believe the recognition in the report demonstrates that our continued innovation and focus on resilience is delivering capabilities that support Zero Trust strategies across endpoints and network connections that not only ensure security but also always-on, optimised connectivity for stellar user experiences. 

To learn more about ZTNA and the Representative Vendors in the market, download: 2023 Gartner Market Guide for Zero Trust Network Access (ZTNA)

Gartner, Market Guide for Zero Trust Network Access, Aaron McQuaid, Neil MacDonald, and 2 more, 14 August 2023 

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.