What must administrators define to enable ZTNA functionality on FortiGate?

To enable Zero Trust Network Access (ZTNA) functionality on FortiGate, administrators need to define ZTNA servers and establish ZTNA policies. This is because ZTNA operates on a principle of least privilege, requiring that access to applications and resources be tightly controlled based on user identity, device posture, and specific access policies.

By defining ZTNA servers, administrators specify which applications or services are subject to ZTNA access controls. This setup allows the FortiGate system to apply policies that govern who can access these resources, under what conditions, and how to effectively monitor and enforce these access rules.

ZTNA policies outline the parameters and rules for connectivity and access, ensuring that users are authenticated and authorized before being granted access to the defined services. This prevents unauthorized access to resources and enhances overall security by applying granular controls.

Other options, such as network bandwidth restrictions, user feedback for network performance, and firewall security levels, do not directly contribute to the functionality of ZTNA. While they may be relevant in other contexts or for enhancing overall network security, they are not the core components needed to activate and manage ZTNA on FortiGate devices.