Zero Trust Network Access (ZTNA) is a security framework and product category that grants access to private applications and resources based on identity, device posture, and context, rather than network location. ZTNA replaces the implicit trust of legacy VPNs with explicit per-request verification, creating one-to-one encrypted tunnels between authenticated users and the specific applications they are authorized to use. This topic collects the leading ZTNA vendors, the standards bodies that govern the underlying primitives, and the data schemas used to describe access policies, identities, devices, and resources.
URL: https://www.cloudflare.com/learning/security/glossary/what-is-zero-trust/
- Tags: Access Control, Cloud Security, Cybersecurity, Identity Management, Network Access, Network Security, Security, VPN Replacement, Zero Trust, ZTNA
- Created: 2025
- Modified: 2026-05-03
Cloudflare Zero Trust provides ZTNA, secure web gateway, browser isolation, CASB, and DLP through a single global edge platform.
Zscaler Private Access is a cloud-native ZTNA service that connects authenticated users to private applications without exposing them to the internet.
Netskope Private Access provides ZTNA as part of the Netskope SASE platform, brokering authenticated access to private applications across cloud and on-premises environments.
Palo Alto Networks Prisma Access offers cloud-delivered ZTNA, SWG, and FWaaS as part of the Prisma SASE platform.
Tailscale is a WireGuard-based mesh-VPN ZTNA platform that exposes a REST API for managing devices, ACL policies, tailnet keys, DNS, and audit logs.
Twingate is a software-defined ZTNA platform that exposes a GraphQL Admin API for managing remote networks, resources, groups, users, service accounts, and connectors.
- Cloudflare - What Is Zero Trust
- Gartner Definition of ZTNA
- NIST SP 800-207
- CISA Zero Trust Maturity Model
- Cloudflare Zero Trust
- Zscaler Zero Trust Exchange
- Netskope SASE
- Palo Alto Networks Prisma Access
- Tailscale
- Twingate
FN: Kin Lane
Email: kin@apievangelist.com