Thoughts on ZTNA?

Agreed, I prefer the term ‘less implicit trust’, but it’s definitely not as sexy or ‘marketing ready’.

I would note too, some overlay networks provide the abstraction while being able to be applied to any use case across ‘north-south’ and ‘east-west’.

Also, if you embed ZTNA into applications themselves, said apps have no listening ports on the underlay network. It’s literally unattackable via conventional IP-based tooling and all conventional network threats are immediately useless.

What about implementing Zero Trust on just the client end? Any good info on that?

You are very welcome to give your own answer from your 1 karma account if you know better. I’m happy to wait.

That’s my point: you can’t have one without the other, but I’m seeing ZTA solutions pitched as the full pie when they don’t even mention micro segmentation needs.

But that is the point: if you do not do microsegmentation (and least privilege), you are not a ZTA solution; it is a VPN or remote access solution.