- Identity and access management: The new ZTNA functionality adds the ability to perform user authentication and authorization checks based on identity attributes.
- Granular policy control: With ZTNA, Alkira can now apply more granular access policies based on the user’s identity, device, location and other attributes. This allows for more fine-grained control over what resources a user can access.
- Posture checks: The ZTNA solution includes the ability to perform posture checks on the user’s device, such as checking browser version, OS version, installed antivirus, etc. This information is used to determine the appropriate access policies.
- Unified platform: Alkira’s approach integrates the ZTNA functionality directly into its networking platform, rather than having separate portals or management for user access vs. network connectivity. This provides a more holistic and streamlined solution.
How Alkira’s ZTNA works
On the user side, the new ZTNA capability requires a user agent to help execute the device posture checks.
Shah explained that when a user connects to the network, Alkira does an authentication check. That check validates a number of different device attributes. The platform also does a posture check based on the identity and user attributes that can come from any identity provider.
Based on the posture and identity of the user, Alkira will place users in a specific network micro-segment. Based on the network and user access policies, the user will then be able to connect with the specific applications and services that they are authorized to access.
“We already had the traffic policies through which you can control how the traffic flows on the network,” Shah said. “What we have done is added the posture attributes and the identity attributes to the policy, so that now you can essentially check on the posture and identity in a further granular control over the resources that users can access.”
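The flow described in this section (authentication check, posture check, micro-segment placement, then per-application access) can be sketched as a default-deny policy evaluator. This is an added example, not Alkira's code or policy schema; every name, version threshold, group mapping and the quarantine segment for non-compliant devices are assumptions made for illustration.

```python
# Added illustration: all names, attributes and thresholds are hypothetical,
# not Alkira's API or policy schema.
from dataclasses import dataclass, field

MIN_OS = (14,)        # assumed minimum OS major version
MIN_BROWSER = (120,)  # assumed minimum browser major version

# Identity-provider group -> micro-segment (constructed sample data)
SEGMENT_BY_GROUP = {"finance": "seg-finance", "engineering": "seg-eng"}
# Micro-segment -> applications reachable from it (constructed sample data)
APPS_BY_SEGMENT = {
    "seg-finance": {"erp", "payroll"},
    "seg-eng": {"git", "ci"},
    "seg-quarantine": {"remediation-portal"},  # assumed remediation-only segment
}

@dataclass
class Session:
    authenticated: bool
    groups: list = field(default_factory=list)   # identity attributes from the IdP
    posture: dict = field(default_factory=dict)  # attributes reported by the user agent

def _version(value):
    """Parse '14.2' into (14, 2); return None if missing or malformed."""
    try:
        return tuple(int(part) for part in str(value).split("."))
    except ValueError:
        return None

def posture_ok(posture):
    """Fail closed: a missing or unparsable attribute counts as non-compliant."""
    os_v = _version(posture.get("os_version"))
    br_v = _version(posture.get("browser_version"))
    return (os_v is not None and os_v >= MIN_OS
            and br_v is not None and br_v >= MIN_BROWSER
            and posture.get("antivirus_installed") is True)

def assign_segment(session):
    """Return the micro-segment for a session, or None to refuse it."""
    if not session.authenticated:
        return None
    if not posture_ok(session.posture):
        return "seg-quarantine"
    for group in session.groups:
        if group in SEGMENT_BY_GROUP:
            return SEGMENT_BY_GROUP[group]
    return None  # authenticated, but no group maps to a segment: default deny

def can_access(session, app):
    """Allow only applications listed for the session's micro-segment."""
    segment = assign_segment(session)
    return segment is not None and app in APPS_BY_SEGMENT.get(segment, set())
```

The evaluator treats absent posture data the same as failing posture data, so a user agent that stops reporting cannot widen access.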
Visibility and control from the network to the user
A key aspect of Alkira’s approach is the built-in visibility and troubleshooting capabilities.
The platform provides administrators with detailed dashboards. The details include information on currently logged-in users, traffic generation and access. That information is critical for network administrators, especially when there is an issue or a user who can’t get access.