Well looking at the OMB Memo 22-09, users should connect directly to applications instead of connecting to a VPN and then connect to application
I’ve set the site to sites up with sonicwall, Cisco, Meraki, fortinet, pfsense, calyptix, etc… it’s just a vpn. Not too different between manufacturers
I would be happy to assist OP. Feel free to PM me if you are running into issues.
Is VPN what makes your network secure? Great write up. You should write a book. The kids really understood and connected to it.
Also worth mentioning, they have just release their own SASE product.
Thanks for the kudos! The ZTA technology we provide does not use a VPN. We built (and open sourced) ‘Ziti’ as a more secure alternative to VPNs. Our objective is to replace all VPNs as they are clunky and vulnerable to attack/misconfiguration.
I was about to say exactly this. Their release of Entra Private Access undercuts the whole ‘all you need is identity thing’. Though I do agree, ZTA must have a network component, and it should really implement a software-defined-perimeter so you can close all inbound FW ports.
Bam!! You did it “Also worth mentioning, they have just release their own SASE product.” Microsoft has always sold SSO but SSO is the opposite of ZTA, the A for access, not architecture. OMB and CISA are pushing SASE, so its a natural adoption by Microsoft. I am pretty certain in the next few months more companies updating their profile with SEC will start they are offering SOAR and SASE services. Afterall Splunk went an acquired a tool so that they can market their SIEM as a SOAR once OMB memo M21-31 hit the press.