Latest survey on traffic visibility for ZTNA shows over half of ZTNA vendors expect severe security implications from a lack of visibility; adoption of DPI for real-time traffic intelligence is expected to grow in the next 3 years
ipoque, a Rohde & Schwarz company and a leading provider of next-gen deep packet inspection (DPI) software today published key findings of its latest research report ‘Next-gen DPI for ZTNA: Advanced traffic detection for real-time identity and context awareness’. The report finds poor traffic visibility affecting 90.7% of zero trust network access (ZTNA) vendors, compromising identity and context awareness that forms the basis of zero-trust strategies. The research also finds an overwhelming 92.6% of ZTNA vendors anticipating a rise in security vulnerabilities due to inadequate visibility, with 55.6% of vendors expecting the implication to be severe. The report, which is based on a survey of 55 leading ZTNA vendors, took place in November last year and was jointly conducted by ipoque and The Fast Mode, a leading telecoms/IT publication.
Assessing network and traffic intelligence that underpin the implementation of ZTNA, the report aims to uncover visibility challenges and the role of DPI in fortifying zero-trust executions. ZTNA merges access control and security in a cloud-based model, leveraging principles such as microsegmentation and least privilege access (LPA). “Trends in Cloud, SaaS, work-from-anywhere (WFA) and IoT have made ZTNA indispensable,” said Ariana Leena Lavanya, Principal Analyst at The Fast Mode. “Continuous adaptive trust, which is central to any ZTNA execution, uses real-time traffic intelligence to form virtual network perimeters that deliver seamless and secure access to enterprise resources.”
Lack of visibility impairs effectiveness of ZTNA
Visibility issues reported by ZTNA vendors stem from the explosive growth of traffic and application types and the emergence of new encryption protocols such as TLS 1.3, QUIC and ECH as well as various anonymization and obfuscation techniques. “Regardless of whether it is cloud, hybrid or on-premises ZTNA, ZTNA solution providers require advanced traffic detection techniques that can single out resources, devices, users, security status and irregularities. This is critical in executing fine-grained policies which are customized to different risk profiles and data sensitivity,” said Dr. Martin Mieth, VP Engineering at ipoque. Without sufficient visibility, ZTNA vendors have to fall back on blanket access rules and generic security measures, which lead to increased security vulnerabilities, network abuse and user experience issues, according to the report.
DPI equips ZTNA with future-proof traffic filtering capabilities
The ipoque OEM DPI engines R&S®PACE 2 and R&S®vPACE for networking and cybersecurity vendors combine behavioral, heuristics and statistical analysis, as well as machine learning (ML) and deep learning techniques to classify network traffic by protocols, applications and service types, even when encrypted. “Our DPI suite of solutions, which are optimized for both standard and cloud computing environments, are powered by AI and ML- based capabilities and weekly-updated libraries. Combining these with metadata extraction allows us to address information that ZTNA vendors deem most critical, namely threats, anomalies and application awareness,” said Dr. Mieth. The DPI technology by ipoque boasts high throughput, linear scalability and improved memory efficiency to support any number of user sessions. It also features extended capabilities such as first packet classification, custom DPI signatures, tethering detection and an IPFIX exporter that converts DPI data into Netflow/IPFIX flow records for seamless integration into SIEM solutions.
Higher use of DPI expected within ZTNA
The report finds that 83.3% of respondents currently use or plan to use DPI for ZTNA. Apart from enhancing the core mechanisms of ZTNA, DPI supports other ZTNA features such as single sign-on, single DLP and multi-factor authentication, and addresses encryption, unmanaged devices and even issues with ZTNA itself. “With real-time application awareness spanning legacy and hybrid applications, ipoque brings ZTNA performance to the next level and supports next-gen ZTNA features such as automatic network segmentation, intra-server / API access and even DEM,” added Dr. Mieth. “Continuous R&D into traffic trends and adoption of AI-based techniques have positioned us at the forefront of traffic intelligence, allowing us to support even the most advanced ZTNA implementations.”
Other important topics such as security service edge’s (SSE’s) impact on ZTNA, zero-trust implementation challenges and popular models for DPI deployment are also explored in the report. The full report is available at www.ipoque.com/ZTNA-report.
ipoque, a Rohde & Schwarz company, is a global leader in network analytics and deep packet inspection software for the communications industry. We leverage our deep domain expertise to create software solutions that empower customers to transform network data into intelligence. Find out more at www.ipoque.com.
Rohde & Schwarz
Rohde & Schwarz is striving for a safer and connected world with its Test & Measurement, Technology Systems and Networks & Cybersecurity Divisions. For 90 years, the global technology group has pushed technical boundaries with developments in cutting-edge technologies. The company’s leading-edge products and solutions empower industrial, regulatory and government customers to attain technological and digital sovereignty. The privately owned, Munich-based company can act independently, long-term and sustainably. Rohde & Schwarz generated net revenue of EUR 2.78 billion in the 2022/2023 fiscal year (July to June). On June 30, 2023, Rohde & Schwarz had around 13,800 employees worldwide.
ipoque Gmbh – A Rohde & Schwarz Company
Augustusplatz 9
04109 Leipzig
Telefon: +49 (341) 59403-0
Telefax: +49 (341) 594030-19
http://www.ipoque.com
Marketing Manager
Telefon: +49 341 594030
E-Mail: christine.lorenz@rohde-schwarz.com