Appgate SDP

Appgate SDP Overview

Learn how the industry’s most comprehensive universal ZTNA solution strengthens security and transforms your network with the flexibility, extensibility and integration advantages of direct-routed architecture.

How Appgate SDP Works

Find out about the inner-workings of the most flexible and adaptable Zero Trust Network Access solution available today.

Zero Trust Platform
Integrations and Tech Partners
Appgate SDP for Developers
Use Cases for Securing:
Risk-Based Authentication
Learn how Risk-Based Authentication provides a frictionless, intelligent and data-informed approach to user authentication.
Strong Authentication
Find out how you can provide secure, frictionless access with the right multi-factor authentication method.
Transaction Monitoring
Explore the tools you can use to intelligently identify and prevent online fraud.
Behavioral Biometrics Service
Learn how behavioral analysis and machine learning stop fraudulent online web activity in real-time.
Secure Consumer Access for:
Digital Threat Protection
Discover how you can gain unparalleled threat visibility and the risk management tools that enable early identification and elimination of potential attacks.
Key Features
Take a deep dive into the features and tools contained within our industry-leading Digital Threat Protection (DTP) solution.

Appgate CybersecurityApril 16, 2021

Guide To ZTNA, Part 1: What is ZTNA? ZTNA Definition And Overview

This blog is the first of our 4-part guide to Zero Trust Network Access (ZTNA). Part 1 provides a ZTNA definition and general conceptual overview; part 2 describes different architectural approaches; part 3 explains what you should look for in a ZTNA solution; and part 4 reviews top considerations you should keep in mind during ZTNA implementation.

Traditional security perimeters have eroded as cloud applications, remote work and edge computing trends accelerate. With cyberthreats also intensifying, legacy network security control deficiencies are regularly cited as the cause of major data breaches. “Connect first, authenticate second” can no longer defend digital assets from malicious actors. Zero Trust Network Access (ZTNA) offers more robust protection and is now the industry-leading standard for secure enterprise access control.

What is ZTNA?

Zero Trust Network Access is based on the fundamental principle that no user—human or machine—should be automatically granted access to anything. It is the ultimate extension of the “principle of least privilege.” With ZTNA, a user is denied access to networks and digital assets by default and is only permitted access after their identity (user + device + context) is extensively authenticated. Dynamic policies and entitlements are then granted to the identity, provisioning limited access to authorized resources. These surgical entitlements are conditional and based on context and risk tolerance defined by your business.

ZTNA Definition

Zero Trust Network Access is based on the fundamental principle that no user—human or machine—should be automatically granted access to anything. This “principle of least privilege” only grants access if conditional entitlements are verified and extensive identity and context authentication are satisfied.

Authenticating a user’s identity and access authorization is a multi-dimensional process. As depicted above, ZTNA starts by verifying the identity of the user/device to determine proper entitlements. Access is only granted to approved resources based on the context the user presents when connecting. In this way, the controller is acting as a Zero Trust policy decision point (PDP) and the gateway as a policy enforcement point (PEP). It’s infinitely more secure than using an IP address and username/password combo because the theft of basic credentials, IP spoofing and brute force attacks have made these traditional authentication methods vulnerable. ZTNA is a more dynamic solution that considers contextual factors.

The Zero Trust approach starts from a “default deny” posture, then extends limited, earned trust that is continuously reevaluated.

ZTNA also monitors to determine if access privileges should be adjusted or entirely revoked. It continuously evaluates the user and device in context, including the user’s role, device security posture, location, time and date and a range of other conditional requirements. This makes it possible to immediately interrupt suspicious behavior before it causes harm.

ZTNA permits access only after considering the full context. The platform monitors the environment for changes after access is granted and reevaluates a user’s conditions and privileges to ensure real-time protection.

In addition to improved secure access, another critical benefit of ZTNA is its ability to cloak your entire infrastructure and shrink the attack surface. This means all resources are 100% invisible to malicious actors and only visible to authenticated and authorized trusted users, providing yet another layer of security. Now that you understand the ZTNA definition let us compare ZTNA vs. SDP.

What is ZTNA Compared to SDP?

ZTNA was initially known as the software-defined perimeter (SDP) and the terms are often used interchangeably. By using these architectures, enterprises can modernize network security and:

  • Strengthen and simplify access controls
  • Reduce the attack surface
  • Remove policy management complexity for admins
  • Improve the end-user experience
  • Unleash operations with integrations and automation


Ubiquitous enterprise perimeters are the main factor driving ZTNA adoption. It’s where the tailwinds of digital transformation efforts meet the headwinds of failing legacy network security solutions.

The most common initiatives driving ZTNA adoption are:

  • Secure remote access and workforce enablement
  • Privileged user and third-party risk reduction
  • Secure multi-cloud/hybrid IT access and DevOps
  • Café-style networking and overall network transformation

What is ZTNA? It’s the Modern Security Solution Enterprises Need

The days of siloed, legacy network access solutions like VPNs and NACs are over. These outdated solutions no longer support the security and agility requirements of digital businesses. The enterprise perimeter has been turned inside out, driving demand for a secure access solution capable of protecting all resources in a lightweight and flexible manner. That’s what ZTNA delivers.

Receive News and Updates From Appgate