Ivanti Neurons for Zero Trust Access (nZTA)

Availability: Available on backorder


Ivanti Neurons for Zero Trust Access is a cloud-based ZTNA solution delivering secure, direct-to-application access with continuous verification, least privilege, and hybrid VPN integration.

Ivanti Neurons for Zero Trust Access (nZTA) is a SaaS-delivered Zero Trust Network Access (ZTNA) solution that enables organizations to secure access to corporate applications and resources in hybrid and multi-cloud environments. Built on Software-Defined Perimeter (SDP) principles, nZTA enforces continuous verification of users, devices, and applications before granting access, ensuring least privilege and reducing the attack surface. It supports context-aware authentication, granular access controls, and device posture checks, hiding application infrastructure from external detection (no visible DNS or IP addresses). Integrated with the Ivanti Neurons for Secure Access platform, nZTA works alongside Ivanti Connect Secure (VPN) to support hybrid access models, allowing organizations to transition to Zero Trust without replacing existing infrastructure. Key features include real-time risk scoring, automated endpoint quarantine, and seamless integration with identity, security, and endpoint management tools.

  • Architecture:
    • Components:
      • Ivanti Neurons for Secure Access Platform: Cloud-based SaaS platform hosted on Microsoft Azure, managing nZTA services.
      • nZTA Controller: Cloud service for authentication, policy enforcement, and gateway management.
      • nZTA Gateway: Deployed in datacenters or cloud (AWS, Azure, vSphere, KVM) to broker secure connections to applications.
      • Ivanti Secure Access Client: Client software for Windows, macOS, iOS, Android, supporting ZTNA and VPN profiles.
      • Tenant Admin Portal: Web-based interface for configuring policies, user rules, and gateways.
    • Deployment Options:
      • Cloud-Native: Fully managed SaaS with gateways in public clouds (AWS, Azure).
      • Hybrid: Cloud-based controller with on-premises or cloud gateways for private apps.
      • On-Premises: Gateways in customer datacenters (vSphere, KVM) for sensitive environments.
    • Scalability: Supports millions of users/devices and thousands of gateways; scales with Azure infrastructure.
    • Operation Mode: Client-based (Secure Access Client) for full ZTNA; browser-based for limited SaaS access; agentless for unmanaged devices via reverse proxy.
  • Supported Platforms:
    • Clients: Windows 10/11, macOS 11–14, iOS 11+, Android 8+, Linux (limited features).
    • Browsers: Chrome, Edge, Firefox, Safari for Tenant Admin Portal and agentless access.
    • Gateways: AWS, Azure, Google Cloud, VMware vSphere, KVM; ESAP versions per release notes.
    • Applications: SaaS (Microsoft 365, Salesforce), cloud apps, on-premises apps (HTTP, HTTPS, SSH, RDP).
  • Authentication:
    • Methods: SAML 2.0, OAuth 2.0, TOTP, biometric, certificate-based, local authentication.
    • MFA: Ivanti Neurons MFA, Okta Verify, Duo, Google Authenticator, RSA SecurID.
    • Integration: Azure AD, Okta, Ping Identity, Radiant Logic, SailPoint IdentityIQ.
  • Access Control:
    • Policies: Granular rules based on user identity, device posture (OS, antivirus, root access), application type, and context (location, time, usage patterns).
    • Device Compliance: Checks OS version, antivirus definitions, jailbreak/root status, and running processes.
    • Micro-Segmentation: Isolates applications with no visible DNS or IP exposure.
    • Dynamic Policies: Real-time policy updates based on risk scores and compliance status.
  • Security:
    • Zero Trust: Continuous verification, least privilege, and SDP architecture.
    • Risk Scoring: Evaluates device and user risk based on processes, apps, and behavior; auto-quarantines risky endpoints.
    • Encryption: mTLS for client-gateway communication; FIPS 140-2 certified modules.
    • Vulnerabilities: Recent CVEs (e.g., CVE-2025-22462) affect nZTA gateways before 22.7R2.3; require patching.
    • Lookout Integration: Adds CASB and SWG for cloud app security and data loss prevention (DLP).
  • Integrations:
    • Ivanti Ecosystem: Ivanti Connect Secure, Neurons for Secure Access, Neurons for UEM, Policy Secure (NAC), Neurons for ITSM.
    • Third-Party: Okta Identity Cloud, Radiant Logic, SailPoint, IBM QRadar XDR, Tenable.io, Mandiant Security Validation, ServiceNow, Splunk.
    • Cloud: AWS, Azure, Google Cloud for gateway hosting and app access.
    • APIs: REST APIs for IDP, SIEM, UEM, and vulnerability assessment; SCIM for identity provisioning.
  • Visibility and Reporting:
    • Dashboards: Real-time views of user access, device compliance, gateway status, and app usage.
    • Reports: Customizable for compliance, user behavior, and security events; scheduled or on-demand.
    • Service Maps: Visualizes application dependencies and access paths.
    • Logging: Unified logging via Ivanti Neurons for Secure Access; exportable to SIEM.
