Netskope Enables 100% Legacy VPN Replacement with ZTNA Next

For infrastructure and operations (I&O) teams, the transition from legacy architectures to a modern zero trust architecture is far from straightforward. Teams often face a complex patchwork of fragmented and siloed systems of different vintages, along with the challenge of managing dozens of disparate security and networking vendors. Echoing this complexity, Gartner predicts that “by 2025, 70% of organizations that implement agent-based zero trust network access (ZTNA) will choose either a secure access service edge (SASE) or security service edge (SSE) provider for ZTNA, rather than a stand-alone offering.*”

Here at Netskope, our mission is to enable organizations to simplify their journey to SASE. That’s why in April, we announced the launch of Netskope ZTNA Next, the industry’s first ZTNA solution that provides a clear roadmap for I&O teams to fully retire legacy VPNs and move toward a SASE architecture. Today, we’re even more excited to announce that ZTNA Next is now generally available to our customers. 

Why ZTNAs must address all types of traffic flows to truly replace legacy VPNs

Today’s cloud-based ZTNAs excel at connecting users to modern private applications with client-to-server traffic flows. However, they fall short when it comes to supporting applications such as VoIP, Remote Assistance, or Forensics Tools, which require traffic to flow in the opposite direction – i.e., inbound to an endpoint from either a remote server or from a remote endpoint. This limitation is especially problematic for organizations with significant investments in on-premises VoIP systems for remote call centers or remote assistance software tools for help desks.

Netskope ZTNA Next takes a different approach to bridge the connectivity gaps left open by conventional ZTNAs. ZTNA Next brings SD-WAN capabilities to ZTNA and offers comprehensive zero trust access for all private applications, regardless of the direction from which the application flow originates. Netskope Private Access for ZTNA and Endpoint SD-WAN are integrated into a unified SASE client –the Netskope Client– to intelligently route application traffic while optimizing application performance for users.

With ZTNA Next, Netskope has paved the way for complete VPN replacement. I&O teams, we’ve got all your legacy VPN use cases covered, including:

1. Client-to-server (e.g., web apps); 
2. Client-to-client (e.g., remote assistance);
3. Bi-directional traffic (e.g., VoIP).

With Netskope’s service fully securing and connecting all your private application traffic, you can forgo the administrative headache of managing separate ZTNA and VPN clients or modernizing applications for ZTNA access.

Speed up, simplify and secure how users connect to applications

ZTNA Next combines our award-winning Netskope Private Access for ZTNA with the power of software-only Netskope Endpoint SD-WAN. ZTNA Next offers customers these benefits:

• Modernize connectivity and security: Accelerate the transition away from traditional VPNs by enabling support for all applications including ones that require server-to-client or bi-directional connectivity – a gap for existing cloud-based ZTNAs – thereby accelerating adoption of SASE.
• Give users a great experience: I&O teams can ensure reliable and optimized access to applications, including critical voice and video communications, with the Netskope Client’s AppQoE (Application Quality of Experience) capabilities.
• Streamline operations and reduce costs: I&O teams can unplug their legacy VPN hardware – i.e. VPN concentrators, internal firewalls, and load balancers – while eliminating the need to operate separate remote access tools previously needed for legacy applications.
• Better visibility and control over applications: Gain complete visibility into all internal applications being accessed and the users who are accessing them, enabling admins to easily discover application traffic and seamlessly transition application access from legacy VPNs to ZTNA Next.

Get started on your SASE journey with Netskope

Learn more about what ZTNA Next can offer by exploring these resources:

• Download our eBook: Delivering on the Promise of 100% Legacy VPN Retirement
• Visit our website: Replace VPNs with ZTNA Next

Don’t miss our upcoming blog post, where we’ll announce new features of Netskope’s SASE Client that make it even easier for organizations to connect users across any branch and remote location, and fully realize the benefits of SASE.  

*Gartner, “Magic Quadrant for Security Service Edge,” Charlie Winckless, Aaron McQuaid, John Watts, Craig Lawson, Thomas Lintemuth, Dale Koeppen, April 2023