Alkira Beefs Up Security Stack with ZTNA
Alkira, a leading company providing multicloud network-as-a-service (NaaS) infrastructure, is on a roll. After raising $100 million in Series C funding earlier in the year, the company has ramped up its feature set by adding zero trust network access (ZTNA) as a native function to its network.
ZTNA, a security principle that uses multidimensional authentication principles to assure authorized access to network access and applications, has increasingly become a table-stakes item for network infrastructure. Alkira has launched a comprehensive ZTNA solution that is built into its cloud-based NaaS and offered as a software client for remote users.
Alkira already offers security services on its networks, which can be purchased from partners through its marketplace approach. But for ZTNA, it's using a different approach. Alkira will offer ZTNA as a native function of its network services, which are designed to help customers quickly set up connectivity among apps, datacenters, and users with cloud-based infrastructure.
Alkira will build ZTNA into its Alkira Cloud Exchange Points (CXPs), distributed points of presence in its network. The ZTNA features will be available as an agent-based software product, SecureConnect Client, which enables secure remote access for end users from any location. A centralized policy enforcement engine allows administrators to manage access policies for all traffic types from a single interface.
The ZTNA Trend Takes Off
So why ZTNA now? ZTNA has been a growing market with a number of software and service providers offering it to meet customer demand.
All of this points to a huge trend in ZTNA, which is being offered by a wide range of cybersecurity and network security vendors. Cloud network providers such as Akamai, Cato Networks, and Cloudflare all offer ZTNA. Aryaka has plans to add ZTNA within the next year. Cybersecurity vendors such as Cisco, Palo Alto Networks, Fortinet, and Zscaler have all added ZTNA functionality either through internal development or acquisition. Multicloud services vendors such as Aviatrix and Prosimo have also been focusing on security of cloud apps with ZTNA features. And there are other startups with ZTNA functionality, including Elisity, Netskope, and Versa Networks.
Alkira is differentiating itself by offering a combination of cloud-based network, multicloud routing, third-party security services, and ZTNA. One of the key appeals of ZTNA in multicloud environments is that the technology can be used to authenticate user access to cloud applications without the use of network identification techniques such as IP addresses, which can be useless in the cloud where IP addresses are often dynamically changed or obscured. Alkira ZTNA enables dynamic app identification for user access. It can also be used for app-to-app authentication, for example in the case where partners want to set up secure cloud networking.
Users Are the New Branch
ZTNA also represents a pivot away from cybersecurity solutions such as virtual private networks (VPNs) and hardware-based firewalls, which are tied to networking infrastructure that is non-dynamic or fixed in place. In the multicloud world, users and the apps are more dynamic, moving around more quickly. It no longer makes sense to tie security policies to specific devices or IP addresses.
“It’s a new world—customers are saying that users are the new branch,” Alkira’s senior director of product management Misbah Rehman told me in a recent briefing. “They like the idea of being able to set policy definitions [for these users].”
With this addition, Alkira says it’s not looking to compete with traditional cybersecurity vendors but provide more native security features to its NaaS. This underlines a trend in the industry of NaaS vendors focusing on security, providing both the network and security at the same time.
Key features of Alkira ZTNA include:
- Unified Solution for All Traffic Flows: Customers can apply consistent security and efficiency across user-to-app, app-to-app, and user-to-Internet communications.
- Network-First Approach: Users can leverage existing network segmentation to enhance security without sacrificing performance.
- Decentralized Architecture: Customers can utilize a centralized policy enforcement engine with a decentralized data plane for performance and ease of use.
- Single Management Interface: Customers can simplify the management, monitoring, and visibility of a network with the Alkira dashboard.
- Integrated Full Stack Security: Customers can bring in the vendor of choice on the Alkira network to secure traffic to Internet and private applications through a single security stack.
- Scalable and On-Demand: Alkira ZTNA adapts to changing needs without upfront investments or hardware installations.
Alkira ZTNA will be available for general release in this quarter. The company is demonstrating the functionality at the ONUG conference in New York City, New York, and the Gartner IT Symposium Conference in Orlando, Florida, which are happening this week.
Futuriom Take: By adding ZTNA, Alkira is keeping pace with market demand for flexible, software-based access security that can be adapted for a more dynamic world where remote users and access to cloud apps shift more frequently.