How Threat Defense Works with Universal ZTNA
A universal ZTNA-enabled Firewall Threat Defense device is a critical enforcement point that protects private resources by integrating zero trust principles with firewall capabilities. Here’s how it operates to secure private resources:
- Enforces Access and Validates Policy: A Threat Defense device intercepts all access requests to private resources. It enforces granular, context-aware access policies that verify user identity, device posture, and contextual factors before granting access. Only requests that meet the least-privilege criteria are allowed; unauthorized attempts to access resources are blocked.
- Establishes a Secure Tunnel to the Resource: After validating the access policy, the Threat Defense device establishes a secure, encrypted tunnel between the user’s device and the private resource. This tunnel ensures that private resources are isolated from direct network exposure.
- Inspects Traffic: The Threat Defense device continuously inspects the traffic and blocks threats before they reach the resources. The device applies its intrusion prevention system, file, and malware detection capabilities to detect and block the threats.
- Microsegments and Prevents Lateral Movement: The device enforces microsegmentation by restricting traffic flows to only the authorized resources. This containment prevents lateral movement within the network, limiting the impact of any potential breach.