Decoding The New Zero Trust Terminology
Over the last year, I’ve been scared of two things. Our research teams have been planning and publishing a ton of research around Zero Trust, and since we’re analysts, new terminology, and comorbid acronyms, have emerged. My first fear was that all these new terms would confuse both the readers and the market. The second fear is about Vietnamese soup (more about that later).
Today, I can let go of that first fear, because we’ve just published a report to help cybersecurity professionals (and those in the vendor community, too) decode the new and upcoming Forrester Zero Trust terminology. It’s a Zero Trust Decoder Ring, if you will.
Forrester clients can, of course, read the full report. But for everyone else, here’s a quick rundown of the terminology:
- Zero Trust (ZT). ZT is the overarching information security model. You might have heard about it. We recently published an updated definition of ZT with an accompanying blog.
- Zero Trust platform. Zero Trust platforms are unified offerings of core security technologies that serve as the base upon which other security tooling, applications, processes, or technologies can be leveraged to enable ZT. The phrase “Zero Trust platform provider” replaces the Zero Trust eXtended (ZTX) ecosystem concept developed at Forrester over the previous decade.
- Zero Trust Edge (ZTE). In our 2021 report, Introducing The Zero Trust Edge Model For Security And Network Services, the most important word is “edge.” ZTE is an architecture focusing on cloud-delivered networking and security services for remote sites and workers. Vendors, you may know this model as SASE. We blogged about it here. Note: The Forrester equivalent term for security service edge (SSE) is just “a partner-oriented ZTE.”
- ZTE services. This is basically just outsourced management for ZTE solutions. This could be a vendor such as AT&T managing Fortinet SD-WAN or Palo Alto Networks’ Prisma Access or Windstream managing Cato Networks. In these examples, AT&T and Windstream would be the “services.”
- Zero Trust Network Access (ZTNA). ZTNA is a specific technology that uses Zero Trust principles to provide access to networks and applications. ZTNA replaces a virtual private network (VPN), especially for remote workers. We evaluated 15 vendor ZTNA offerings in our 2021 report, The Forrester New Wave™: Zero Trust Network Access, Q3 2021.
Hooray for the decoder ring! It’s helping to decipher Zero Trust terminology and capabilities.
As for the second fear, the irrational avoidance of Vietnamese soup … my therapist says it’s just a small phởbia. She’s hopeful that we can solve that by changing my medication again.