Select Page

Zero-Trust Network Access

Hillstone ZTNA Solution

Enable Zero Trust Access from any device, anywhere

Work-from-home (WFH) and work-from-anywhere (WFA) initiatives were trending pre-pandemic. CISOs globally were looking to enable greater workforce agility and improve workplace flexibility. When the pandemic hit, WFH and WFA became the number one priority for enterprises worldwide as employees batted down the hatches and began to work from unsecure home networks.  Security and networking teams became faced with requirements to quickly onboard remote workers but still protect against malware and ransomware. Security needs and connectivity needs began to merge together, as did security operations and business operations. This proves to be problematic because SecOps and BizOps are dramatically opposed, and different access requirements have to be carefully delineated.

Even as the world emerges post-pandemic, CISOs are tasked with enabling secure multi-location access: from on-campus networks, to branch offices, employee homes, and even across public mobile networks. To meet these new access challenges, we’re expanding our edge solutions suite to include zero-trust network access (ZTNA).

What is ZTNA?

Zero-trust is a model of security that works on the concept of least privilege – never trust, and always verify. In a zero-trust model, systems provide minimal access needed for resources or users to perform their tasks. This is independent of whether the user is inside or outside the perimeter. Zero-trust models are sometimes viewed as perimeter-less security, though in reality, it can more accurately be defined as a software-defined perimeter.


By focusing on identity and context, ZTNA allows fine-grained access control to enterprise resources and adapts well to a WFH and WFA world. ZTNA also works in an environment where businesses need to connect with and collaborate with non-employee users like partners.

ZTNA takes the identity of a user, their role in the enterprise, their location of access, and device state into consideration when granting access to enterprise resources. ZTNA implementations can protect resources anywhere — in branches, in enterprise data centers, or even in the cloud. It has the flexibility of providing different levels of access privileges based on a combination of attributes. For example, companies can limit employees to read-only versus write access if the employee is connecting from an untrusted public WiFi at an airport. This approach ensures that enterprises are minimizing their attack surface without impeding employee productivity.

Hillstone ZTNA Solution

Hillstone combines the capabilities of the Hillstone Security Management (HSM) Platform with our NGFW product line to offer our clients ZTNA features. Hillstone ZTNA supports a wide range of authentication schemes, popular enterprise devices, and operating systems. HSM enables scaled deployment and management. With ongoing investment into the research and development of our solutions, our ZTNA implementation will be delivered at a broader scale, exhibit more advanced intelligence, and support more deployment options in the near future.

How can ZTNA Help Your Organization?

With our superior security foundation, Hillstone’s ZTNA solution can serve many use cases and industries effectively. While not limited to the use cases that we’ll discuss here, we believe that highlighting our unique benefits will translate into ideas on how we can help you as an industry-agnostic solution.

For Remote Employees

Hillstone ZTNA provides the flexibility to accommodate this WFH and WFA world while keeping the attack surface contained. Our ZTNA solution can ensure that only corporate-registered devices are used to access the corporate network, antivirus software is running, and operating systems are up to date. This will help avoid situations where attackers take advantage of a known vulnerability on a system and leverage it as a jump-off point into corporate systems via remote VPN.

For Mobile Employees

Hillstone ZTNA can ensure that employees attain the necessary access for work processes while limiting modify access privileges to sensitive data. For example, a corporate finance employee who is traveling might be able to access their email but not allowed to connect to the finance or accounting systems while they are on the road and accessing corporate services via public locations. Once this user arrives at a branch office and is confirmed to be in a secured site, this user will gain access to the finance systems. This intelligent, context-based, least-privilege approach does an excellent job of managing risk and balancing security with productivity. ZTNA provides CISOs with the tools to surgically implement their policies, as opposed to the blunt hammer of all-access or no-access.

For Government Agencies or Regulated Industries

Hillstone ZTNA can provide the necessary additional layer of protection for government entities and enterprises with stricter compliance requirements. Both are categories of organizations at higher risk of compromise from malware and ransomware. ZTNA aligns with the philosophy of many of these agencies and industries, who themselves advocate a policy of need-to-know, need-to-access mindset. For example, ZTNA policies can mandate that traveling government employees use multi-factor authentication and trusted devices for remote access. Hillstone can be programmed to block access otherwise or allow limited access to commonly targeted systems like email.

For Services Providers

Service providers looking to help their customers secure their company IT resources in the face of WFH and WFA will find added value in Hillstone’s ZTNA solution. Many small and medium enterprises (SMEs) are under threat from ransomware but have little to no in-house IT expertise. As such, such enterprises are expecting reliable connectivity in tandem with dependable security for their digital assets. By layering ZTNA on top of Hillstone’s NGFW solutions, service providers can provide these SMEs with the added value of a managed solution that improves their security posture significantly. ZTNA can easily be provided as a service to these SMEs, allowing them to benefit from the advanced policies while trusting the service provider to manage the security policies on their behalf.

In summary, ZTNA allows enterprises to clearly see assets and interactions existing on their network, understand what access requirements are needed where and to who, and allows enterprises to quickly fulfill network needs while ensuring security despite the complex present-day access requirements.

Recent Blog Articles

Breaking the Mold: Halting a Hacker’s Code ep. 22 – China Telecom Gateway Configuration Management Backend ipping.php Remote Code Execution Vulnerability

How AI-Driven Network Detection and Response (NDR) Solutions are Transforming Enterprise Security

AI-driven NDR solutions

New HSM 5.5.0 vs. Trusted 4.X – Let’s Help You Decide!

Learn More about ZTNA

Engage with us to learn more about Hillstone’s ZTNA solutions by contacting your local authorized Hillstone Networks reseller.

Contact Us 

For the 4th year in a row, Hillstone Networks has been recognized in Gartner Peer Insights Customers’ Choice for Network Firewalls.

The Customers’ Choice is a rating of vendors in a given market — for Hillstone, it’s Network Firewalls — that take into account both the number of reviews and the overall user rating. Based on feedback and ratings from our end users who have purchased, implemented and are happily using our products and services, Hillstone’s overall rating came to 4.9.