PZTA offers users streamlined application access while allowing organizations to govern every request by automatically verifying identity, device and security posture before granting a direct, encrypted connection between that user's device and applications residing in public clouds, private clouds or data centers.
The PZTA service consists of the ZTA Controller, which is hosted and managed by Pulse Secure, the virtual ZTA Gateway that customers deploy on-premises or in the cloud, and the unified PZTA Client which runs natively on each user’s Microsoft Windows, Apple macOS and iOS, and Google Android device. PZTA Clients support simultaneous, protected connections to multiple applications.
Every direct device-to-application session requires explicit authentication and authorization, and each session is governed by a centrally deployed and managed policy. PZTA augments contextual and identity-centric policies with built-in User and Entity Behavior Analytics (UEBA) whereby attributes for every session are monitored and assessed, applying proprietary risk scoring algorithms to identify non-compliant, malicious and anomalous activity, and take expedited threat mitigation actions.