Zero Trust Application Access

Private access, evolved

The Fall of the Wall

The assumption that internal networks are safe and that everything inside the perimeter can be trusted no longer holds. Networks and locations are no longer practical to establish sufficient trust for access.

Outdated Security Models

Castle and moat perimeter security models are problematic. Malicious insiders are a major reason for security breaches and the cost of insider attacks keeps rising.

Expanding Attack Surfaces

Cloud and mobility are creating new attack vectors. Traditional VPNs further expand the attack surface by creating network layer tunnels that extend the perimeter.

Traditional Secure Access

Legacy VPNs allow full network-level access rather than least privilege access, creating security vulnerabilities due to attack, lateral movement and data leakage.


A New Perimeter Emerges

In place of the traditional network perimeter, Zentry establishes a new perimeter – drawn tightly around individual users, devices and resources – to provide consistent, controlled access for any user, anywhere.

User Identity, MFA & SSO

User enters credentials, access gateway performs SSO and MFA based on successful user authentication.

Intelligent Policy Engine

Policy engine conducts fine-grained access control checks, authorization is granted or denied.

Secure Access Gateway

Access gateway sends requests to Web apps or Web services broker, secure connectivity is established.

Web Services Broker

Broker delegates requests and Webifies apps, desktops and infrastructure on-premise or in the cloud.

Any Application

Supports internal and public-facing Web applications, in addition to legacy enterprise applications. Webify desktops (RDP and VNC), SSH and Telnet, as well as legacy services that require specific client software. Web services emulation enables clientless HTML5 access over TLS from any modern browser.

Any Cloud or Data Center

Enable clientless, identity-aware, policy-based secure access to applications and resources located on-premise or in the cloud, and eliminate excessive trust placed on networks and locations by traditional security models. Lightweight resource connectors support all popular hypervisors and public cloud platforms.

OS & Browser Agnostic

Traditional VPN clients often require troubleshooting for specific OS and browser versions, imposing a heavy burden on both users and IT admins. In contrast, Zentry provides simplified, OS-agnostic clientless access through any HTML5 Web browser. No client to install, manage or explain to end users.

Software-based Subscription

Replace monolithic HW security with elastic pay-as-you-go cloud services that improve both security and the user experience. Zentry's auto-scaling high-performance architecture facilitates both utility consumption and adjustment to a wide variety of applications, resources and environments.

High-Performance Architecture

Distributed lightweight resource connectors deploy seamlessly on premise or in the cloud, linking up with high-performance access gateways (application proxy) to auto- scale bandwidth, accelerate TLS encryption, and deliver a superior user experience. Easily adopt new features as they become available.

Internal & External Secure Access

All application access is fully authenticated, authorized and encrypted based on device, user identity and access control policies. As a result, users can access applications and resources from anywhere on any device with the user experience for local and remote access being identical.


Download Our Complete
Zentry Security Resource Kit

A single download with a collection of resources to help you get started on the path to zero trust security.