Secure Access with ZTNA for On-Premises Users
Bring resilient zero trust to your branches and headquarters
Modernize secure access to all applications with local zero trust network access (ZTNA) for your on-premises users. Ensure robust business continuity while enforcing zero trust access, even during internet outages.
The Problem
Excessive trust for in-office users increases risk
Private applications are the heart of your operations, but granting inherent trust to local users increases risk due to overprivileged access. To limit risk, it's crucial to enforce least-privileged access for all users, including those in the office or on-premises. But a cloud-based ZTNA service may not be a complete solution for every enterprise.
Key challenges require on-premises ZTNA
Complex network segmentation
Defining segments and using internal firewalls can be complex and time-consuming, even for simple tasks.
Regulatory restrictions
Highly regulated industries restrict the use of cloud-hosted technologies.
Performance for in-office users
For access to apps on the local network, cloud-based ZTNA still routes user traffic through a public broker and back.
Business continuity
Operations prone to connectivity outages or in harsh environments need to ensure reliable, uninterrupted access without compromising security.
Solution Overview
Extend ZTNA to your data center or public cloud edge with Zscaler Private Access™—the world's most deployed ZTNA solution—and ZPA Private Service Edge.
ZPA Private Service Edge is a simpler way to enable secure access to private apps. Whether your users are local or remote, they get an identical experience accessing apps in your data center or the cloud.
Business Continuity for ZPA
The Private Cloud Controller continuously synchronizes with the Zscaler Zero Trust Exchange™ platform for authentication and access configurations and policies.
When an outage is detected, the solution automatically switches over to Business Continuity Mode, and then reverts when the connection to the Zscaler cloud is re-established.
Benefits
Simplify and stabilize connectivity
Simplify segmentation
Move away from “source-IP-to-destination-IP” firewall rules in favor of “user-to-hostname” policies.
Maintain regulatory compliance
Comply with regulations that require private infrastructure by deploying an on-premises solution.
Deliver a fast user experience
Seamlessly connect users to private apps using the shortest path for optimized performance.
Ensure robust business continuity
Give users uninterrupted, policy-based access to all private apps during outages without any security tradeoffs.
our platform
The Zscaler Zero Trust Exchange
Secure user, workload, and device communication between and
within the branch, cloud, and data center.
Zero Trust Everywhere
Secure Data
- Find, Classify, and Assess Data Security Posture
- Prevent Data Loss Across All Channels
Secure AI
- Secure the Use of Public AI
- Secure Private AI Apps and Models
- Secure Agent Communications
Customer Success Stories
Trinseo secures on-premises access to private apps
FAQ
ZTNA was developed to enable secure, direct access to internal applications for remote users, delivered from the cloud. Users are never placed on the network, and applications are never exposed to the internet. On-premises ZTNA solutions provide the same functionality while operating entirely within an organization's private infrastructure. Learn more.