Call a Specialist Today! 800-886-5787 Free Shipping! Free Shipping!

Universal Zero Trust Network Access (ZTNA)
Fortinet Universal ZTNA improves secure access to applications anywhere, for remote users

Zero Trust Network Access

A FortiGate and the FortiClient ZTNA agent are all that’s needed to enable more secure access and a better experience for remote users, whether on or off the network.

Zero Trust Network Access

What is ZTNA?

Secure Access Everywhere
ZTNA is a capability within Zero Trust Access (ZTA) that controls access to applications. It extends the principles of ZTA to verify users and devices before every application session. ZTNA confirms that they meet the organization’s policy to access that application.

Zero Trust Access

Fortinet brings Universal ZTNA to the Fortinet Security Fabric

Our unique approach, delivering Universal ZTNA as part of our FortiGate Next-Generation Firewall (NGFW) makes it uniquely flexible, covering users when they are remote or in the office. Universal ZTNA capabilities are automatically enabled on any device or service running FortiOS 7.0 and higher. This includes hardware appliances, virtual machines in clouds, and the FortiSASE service.

A FortiGate and the FortiClient ZTNA agent are all that’s needed to enable more secure access and a better experience for remote users, whether on or off the network.

Related Products


Endpoint Remote Access and Control

Zero Trust Access

Key Features and Benefits

  • FLEXIBLE DEPLOYMENT: Enables ZTNA policies to be enforced for both remote workers and on-campus workers.
  • GRANULAR ACCESS CONTROL: Grants access to a specific application only for that session.
  • ONGOING VERIFICATION: Verifies the user identity, the device identity, device posture, and the user’s right to access an application before granting access to an application.
  • CLIENT-INITIATED MODEL: Provides more visibility and control of the endpoint for the IT team while providing the user a faster, easier experience.
  • NO EXTRA COST: Requires no additional licenses. Fortinet’s ZTNA is a free feature in FortiOS and FortiClient, enabling customers to shift from VPN to ZTNA at their own pace.
  • AUTOMATIC ENCRYPTED TUNNELS: Creates TLS-encrypted tunnels automatically, from the endpoint to the access proxy, ensuring traffic is hidden from prying eyes.

Use Cases

Legacy VPNs cannot provide the flexibility or level of security required for today’s dynamic networks and workers. ZTNA solves VPN shortcomings, making it the ideal solution for the following use cases:


Organizations need to provide secure connections to the applications employees need whether they are in the office, at home, or on the road. ZTNA enables secure and granular access that improves security and the user experience—anywhere, anytime.


Apps are moving from on-premises servers to private and public clouds. With a ZTNA access proxy in place, IT has complete control over where these connect. Apps can move to the cloud, between clouds, and back to campus without impacting user experience.


ZTNA ensures only users and devices that should access an app, can, with the help of multi-factor authentication (MFA).
Plus, all applications are hidden from the internet. No longer are applications exposed to the internet for bad actors to see and try to breach.

Questions? We're here to help.

From offering expert advice to solving complex problems, we've got you covered. Get in touch with a Fortinet Solutions Specialist today to learn more!