Log in
Show password
Forgot password ?
Become a member for free
Sign up
Sign up
New member
Sign up for FREE
New customer
Discover our services
Dynamic quotes 


SummaryMost relevantAll NewsAnalyst Reco.Other languagesPress ReleasesOfficial PublicationsSector newsMarketScreener Strategies

Akamai Technologies : Zero Trust Network Access Is an Oxymoron

07/20/2021 | 11:34am EDT

Though Zero Trust is really quite simple and should be viewed as a very strong form of the age-old principle of least privilege, that does not mean that it is the same thing. In fact, one of the most significant differences from what came before is that when it comes to access, Zero Trust is based on application access, not network access. I was surprised, then, when Gartner's new SASE (secure access service edge) model included something called Zero Trust Network Access (ZTNA). This term is an oxymoron, and I make this point because it matters. The distinction between network access and application access is important.

Traditionally, access to corporate applications has been based on network access. You need to be on the corporate network in order to access corporate applications. If you are in one of your company's office buildings, then you connect to the corporate Wi-Fi network or Ethernet, possibly with an extra step of network access control (NAC). If you are elsewhere, then you use a virtual private network (VPN). Either way, there will be some authentication and authorization step after which you are on the corporate network. At this point, you have an elevated level of privilege and can access corporate applications.

Traditional Network Access: The user on the corporate network can see every routable application.

This elevated level of privilege that comes with network access, however, also comes with additional capabilities that you really don't need. Specifically, you can see every application that is routable on that network. You may not be able to log in to every such application, but you can see them -- that is, you can route packets to them. This distinction is important. If you can see an application, you can likely get it to execute code (for example, present a login screen or begin some other form of login challenge). And if you can get it to execute code, you may be able to exploit a vulnerability.

You could literally scan the network for vulnerable applications and then exploit them. Of course, you may be well intentioned and would never do such a thing, but not everyone is. More importantly, you could have malware on your device, and if you are on the corporate network, then so too is that malware. Scanning the network for vulnerable applications is exactly what malware does. That is exactly how malware spreads and finds high-value applications that it can exploit, and how ransomware finds high-value data that it can encrypt and then demand ransom for decryption.

What we see here is a clear violation of the principle of least privilege. You need access to certain applications, but you do not need to be able to see any other applications, let alone scan the network for vulnerabilities. Zero Trust fixes this problem by using an application-based access model.

With Zero Trust access, there is no direct routability between users and applications, and instead all access is routed through proxies. Generally, Zero Trust access is provided as a service with the proxies in multiple internet locations. Therefore, users need only a connection to the internet. Users never need to be on the corporate network.

Zero Trust Application Access: The user is redirected to a proxy that grants access only to those applications for which the user is authorized. All other applications are invisible.

Even in the case of remote access, there is no need for a VPN. When a user tries to connect to an application, they are redirected to one of these proxies. Only after the proxy authenticates the user and establishes that the user is authorized to use that application does it establish a forward connection to that application and allow communication between the user and that application. How it is that the proxy does this authorization, authentication, and forward connection varies by implementation and is beyond the scope of this article.

We can now see the clear contrast between the traditional network-based access model and the Zero Trust application-based access model. With network-based access, applications are exposed to the network -- either the entire internet or the corporate network -- visible to anyone who might need access. In contrast, with application-based access, applications are invisible and become exposed only to those who do need access and only after they have been authenticated and authorized.

With Zero Trust application-based access, users never need to be on the corporate network, and a VPN is never needed.


Akamai Technologies Inc. published this content on 20 July 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 20 July 2021 15:33:11 UTC.

© Publicnow 2021
10/21AKAMAI TECHNOLOGIES : Completes $600 Million Guardicore Buyout
10/21AKAMAI TECHNOLOGIES : Completes Acquisition of Guardicore to Extend Its Zero Trust Solutio..
10/14WALL STREET STOCK EXCHANGE : Aha moment for markets
10/14AKAMAI TECHNOLOGIES : Iniated by RBC With Outperform Rating Based on Market Leadership Pos..
10/14AKAMAI TECHNOLOGIES : RBC Capital Initiates Coverage on Akamai Technologies With Outperfor..
10/14ANALYST RECOMMENDATIONS : Asos, Avis Budget, Meritage Homes, Kansas City Southern, UPS...
10/05Facebook blames 'faulty configuration change' for nearly six-hour outage
10/04AKAMAI TECHNOLOGIES : KeyBanc Downgrades Akamai Technologies to Sector Weight From Overwei..
10/01VC DAILY : Question: In Fintech, How Much Is Too Much for Investors?
More news
Analyst Recommendations on AKAMAI TECHNOLOGIES, INC.
More recommendations
Financials (USD)
Sales 2021 3 444 M - -
Net income 2021 624 M - -
Net cash 2021 968 M - -
P/E ratio 2021 28,8x
Yield 2021 -
Capitalization 17 675 M 17 675 M -
EV / Sales 2021 4,85x
EV / Sales 2022 4,32x
Nbr of Employees 8 368
Free-Float 97,6%
Duration : Period :
Akamai Technologies, Inc. Technical Analysis Chart | AKAM | US00971T1016 | MarketScreener
Technical analysis trends AKAMAI TECHNOLOGIES, INC.
Short TermMid-TermLong Term
Income Statement Evolution
Mean consensus OUTPERFORM
Number of Analysts 16
Last Close Price 108,55 $
Average target price 129,31 $
Spread / Average Target 19,1%
EPS Revisions
Managers and Directors
Frank Thomson Leighton Chief Executive Officer & Director
Rick M. McConnell President & GM-Security Technology Division
Edward J. McGowan Chief Financial Officer & Executive Vice President
Daniel R. Hesse Chairman
Robert Blumofe Chief Technology Officer
Sector and Competitors
1st jan.Capi. (M$)
ACCENTURE PLC32.89%218 421
INFOSYS LIMITED43.52%100 917
SNOWFLAKE INC.18.74%100 540