25 Mar ipoque finds nine out of ten ZTNA vendors struggling with traffic visibility
ipoque, a Rohde & Schwarz company, has published a report on “Next-gen DPI for ZTNA: Advanced traffic detection for real-time identity and context awareness“.
The report is based on a survey of 55 leading ZTNA vendors and reveals that 90.7% of zero trust network access (ZTNA) vendors are struggling with traffic visibility.
This lack of visibility is suggested to be compromising identity and context awareness, which is the basis of zero-trust strategies. Additionally, 92.6% of ZTNA vendors anticipate a rise in security vulnerabilities due to inadequate visibility, with 55.6% of vendors expecting the implications to be severe.
The report aims to uncover visibility challenges and the role of DPI in fortifying zero-trust executions. ZTNA merges access control and security in a cloud-based model, leveraging principles such as micro-segmentation and least privilege access (LPA).
The lack of visibility impairs the effectiveness of ZTNA, and ZTNA solution providers require advanced traffic detection techniques that can single out resources, devices, users, security status, and irregularities.
Without sufficient visibility, ZTNA vendors have to fall back on blanket access rules and generic security measures, which lead to increased security vulnerabilities, network abuse, and user experience issues.
The ipoque OEM DPI engines R&S®PACE 2 and R&S®vPACE for networking and cybersecurity vendors combine behavioural, heuristics and statistical analysis, as well as machine learning (ML) and deep learning techniques to classify network traffic by protocols, applications, and service types, even when encrypted. The report finds that 83.3% of respondents currently use or plan to use DPI for ZTNA. DPI supports other ZTNA features such as single sign-on, single DLP and multi-factor authentication, and addresses encryption, unmanaged devices, and even issues with ZTNA itself.
Other important topics such as security service edge’s (SSE’s) impact on ZTNA, zero-trust implementation challenges, and popular models for DPI deployment are also explored in the report.