What is the principle behind zero trust network access (ZTNA) in FortiSASE?

Prepare for the FCSS FortiSASE 24 Administrator exam with flashcards and multiple choice questions. Each question features hints and explanations. Get ready to ace your exam!

The principle behind zero trust network access (ZTNA) is centered on the idea that no user, device, or system should be inherently trusted, regardless of their location within or outside the network perimeter. Therefore, ZTNA grants access based on strict verification processes that consider both user identity and device posture. This dual verification ensures that any attempt to access network resources must meet pre-defined security criteria, which helps to protect against potential threats by assuming that an environment could be compromised.

This approach fundamentally shifts the security paradigm from traditional perimeter-based security to a more granular, user-and-device-centric model, which is essential for modern environments that often include remote work and bring-your-own-device (BYOD) policies. By treating all users and devices as untrusted by default, ZTNA minimizes risks such as unauthorized access and potential lateral movement of threats within the network.

The other options propose approaches that do not align with ZTNA principles. Relying solely on passwords lacks the comprehensive security posture ZTNA requires. Allowing open access contradicts the very nature of zero trust, which seeks to restrict access based on continuous verification. Focusing only on device management neglects the importance of user authentication and overall risk assessment, which are central to ZTNA’s functionality.
