What is the role of ZTNA tags in FortiGate?

The role of ZTNA tags in FortiGate is primarily to enforce security policies for device posture checks. ZTNA, or Zero Trust Network Access, is built around the principle of verifying every access request as if it originates from an open network, regardless of whether it is coming from inside or outside the organization's perimeter.

ZTNA tags are used to classify devices based on various attributes such as security posture, compliance status, and user context. When a connection request occurs, the FortiGate can utilize these tags to assess whether the device meets the required security posture before granting access to applications or resources. This is crucial in ensuring that only compliant devices can access sensitive information, thereby maintaining a robust security posture.

The focus of ZTNA is not on network performance, logging user activity, or managing user permissions in a traditional sense. Instead, it's about establishing a dynamic and contextual evaluation of the device requesting access, which forms the core function of ZTNA tags within the FortiGate system.