Nine out of 10 ZTNA vendors struggling with traffic visibility

Latest survey on traffic visibility for ZTNA shows over half of ZTNA vendors expect severe security implications from a lack of visibility; adoption of DPI for real-time traffic intelligence is expected to grow in the next three years.

  • Friday, 22nd March 2024 Posted 3 weeks ago in by Phil Alsop

ipoque, a Rohde & Schwarz company and a leading provider of next-gen deep packet inspection (DPI) software, has published key findings of its latest research report ‘Next-gen DPI for ZTNA: Advanced traffic detection for real-time identity and context awareness’. The report finds poor traffic visibility affecting 90.7% of zero trust network access (ZTNA) vendors, compromising identity and context awareness that forms the basis of zero-trust strategies. The research also finds an overwhelming 92.6% of ZTNA vendors anticipating a rise in security vulnerabilities due to inadequate visibility, with 55.6% of vendors expecting the implication to be severe. The report, which is based on a survey of 55 leading ZTNA vendors, took place in November last year and was jointly conducted by ipoque and The Fast Mode, a leading telecoms/IT publication.

Assessing network and traffic intelligence that underpin the implementation of ZTNA, the report aims to uncover visibility challenges and the role of DPI in fortifying zero-trust executions. ZTNA merges access control and security in a cloud-based model, leveraging principles such as microsegmentation and least privilege access (LPA). “Trends in Cloud, SaaS, work-from-anywhere (WFA) and IoT have made ZTNA indispensable,” said Ariana Leena Lavanya, Principal Analyst at The Fast Mode. “Continuous adaptive trust, which is central to any ZTNA execution, uses real-time traffic intelligence to form virtual network perimeters that deliver seamless and secure access to enterprise resources.”

Lack of visibility impairs effectiveness of ZTNA

Visibility issues reported by ZTNA vendors stem from the explosive growth of traffic and application types and the emergence of new encryption protocols such as TLS 1.3, QUIC and ECH as well as various anonymization and obfuscation techniques. “Regardless of whether it is cloud, hybrid or on-premises ZTNA, ZTNA solution providers require advanced traffic detection techniques that can single out resources, devices, users, security status and irregularities. This is critical in executing fine-grained policies which are customized to different risk profiles and data sensitivity,” said Dr. Martin Mieth, VP Engineering at ipoque. Without sufficient visibility, ZTNA vendors have to fall back on blanket access rules and generic security measures, which lead to increased security vulnerabilities, network abuse and user experience issues, according to the report.

DPI equips ZTNA with future-proof traffic filtering capabilities

The ipoque OEM DPI engines R&S®PACE 2 and R&S®vPACE for networking and cybersecurity vendors combine behavioral, heuristics and statistical analysis, as well as machine learning (ML) and deep learning techniques to classify network traffic by protocols, applications and service types, even when encrypted. “Our DPI suite of solutions, which are optimized for both standard and cloud computing environments, are powered by AI and ML- based capabilities and weekly-updated libraries. Combining these with metadata extraction allows us to address information that ZTNA vendors deem most critical, namely threats, anomalies and application awareness,” said Dr. Mieth. The DPI technology by ipoque boasts high throughput, linear scalability and improved memory efficiency to support any number of user sessions. It also features extended capabilities such as first packet classification, custom DPI signatures, tethering detection and an IPFIX exporter that converts DPI data into Netflow/IPFIX flow records for seamless integration into SIEM solutions.

Higher use of DPI expected within ZTNA

The report finds that 83.3% of respondents currently use or plan to use DPI for ZTNA. Apart from enhancing the core mechanisms of ZTNA, DPI supports other ZTNA features such as single sign-on, single DLP and multi-factor authentication, and addresses encryption, unmanaged devices and even issues with ZTNA itself. “With real-time application awareness spanning legacy and hybrid applications, ipoque brings ZTNA performance to the next level and supports next-gen ZTNA features such as automatic network segmentation, intra-server / API access and even DEM,” added Dr. Mieth. “Continuous R&D into traffic trends and adoption of AI-based techniques have positioned us at the forefront of traffic intelligence, allowing us to support even the most advanced ZTNA implementations.”

The full power of next-generation quantum computing could soon be harnessed by millions of individuals and companies, thanks to a breakthrough by...

TCA aims to tackle UK IT skills gap

Posted 4 days ago by Phil Alsop
New not-for-profit company aims to help fill 100,000 IT jobs.

Flexible work valued, but not always offered

Posted 4 days ago by Phil Alsop
Report reveals at least 40% would change jobs to gain flexibility – meaning employers must prioritize flexibility to attract and retain top talent.
63% of decision-makers in financial services firms believe AI will increase the cost of data in their organisation.
Compared to 2023, 24% more IT professionals reported planned investment in automation in 2024, and 96% are using at least one AI or ML tool to...
New research from Advania reveals that IT complexity is hampering the progress of mid-market organisations in harnessing the full potential of new...
Enterprise AI/ML transactions increased from 521 million monthly in April 2023 to 3.1 billion monthly by January 2024.
OpenStack Caracal adds enhancements for AI and HPC; improves agility, performance, and security; and incorporates support for industry-best hardware...