Can ZTNA scale campus network security?

These are uncertain times. Inflation, supply chain pressures, and the current geopolitical environment are forcing organizations of all sizes to re-examine their approach to planning, funding, and deploying cybersecurity solutions. One of the results of the pandemic has been the rise of the “micro-branch”, created by companies to support their new remote employees. Unprecedented levels of remote access, in turn, have dramatically increased the focus on security. Now, with many knowledge workers returning to campus environments, what’s next for campus network security? As we approach the RSA conference in early June, I’d like to dive deeper into this topic and share some of my predictions and insights.

Is yesterday’s network access control enough?

Before the pandemic, teleworking was little used and often reserved for executives or salespeople. Today, remote work is here to stay. One can look to the hybrid work infrastructure roadmap realignments and external messaging from enterprise network solution providers such as Cisco, HPE Aruba, and Juniper Networks to validate this point. Hybrid working creates a new challenge for organizations as security platforms bifurcate between campus and branch environments. It’s no secret that Zero Trust Network Access (ZTNA) has been widely adopted to secure remote access, but should we apply it to campus environments as well?

Why Consider ZTNA On Campus

ZTNA has great visibility and momentum to roll out, and in my view, that is justified. Virtual Private Network (VPN) solutions have been around for a long time and have many cybersecurity vulnerabilities. Connection speeds and application performance are also often significantly affected. These challenges often cause users to prefer not to use traditional VPN tools (I remember having the same experience when I worked in an American company). Based on my many conversations with infrastructure providers and customers, I can confidently say that the demise of VPNs is near!

That said, ZTNA is the future of remote access. ZTNA’s superpower lies in its ability to provide application security independent of a given network. Authenticating users to applications greatly mitigates the lateral movement of threats across a network, if not eliminates it altogether. So that begs the question, why not apply ZTNA to campus environments as well? The benefits are many – from preventing lateral movement of threats and implementing unified policies, to consolidating cybersecurity budgets in an uncertain macro environment.


I believe a handful of cybersecurity solution providers are poised to take advantage of providing a universal ZTNA platform that can span campus, traditional branch, and new micro-branch. These companies include (in alphabetical and unranked order) Airgap Networks, Palo Alto Networks, and Zscaler. I plan to hang out with all three companies at the RSA conference and the upcoming Zscaler ZenithLive event in Las Vegas June 21-24. Stay tuned for my additional ideas over the next few weeks.

Disclosure: My firm, Moor Insights & Strategy, like all research and analysis firms, provides or has provided research, analysis, advice and/or advice to numerous high-tech companies in the industry, including Palo Alto Networks and Zscaler, cited, or linked to this article. I do not hold any ownership interests in the companies listed in this column.

Kevin M. Risinger