Fortinet black logo

ZTNA Deployment

Home FortiGate / FortiOS 7.2.5 ZTNA Deployment

Deployment overview

7.2.5
7.2.5
Copy Link
Copy Doc ID 6e7c6489-6ec1-11ee-a142-fa163e15d75b:813800
Download PDF

Deployment overview

This document provides a deployment example of ZTNA for Web Applications's Zero Trust Network Access (ZTNA), covering the following solutions:

  • ZTNA application gateway:

    • Fabric connection to FortiClient EMS

    • HTTPS access proxy for web applications

    • ZTNA IP/MAC based access control for local users accessing the web applications

    • No persistent connection, such as VPN, is necessary

Using a similar scenario and topology example from the ZTNA Architecture Guide, we will walk through deploying the core components necessary to complete the requirements above. The goal is to reduce the reliance on dial-up VPN by using ZTNA to unify remote access and local access to web applications using role-based access control concepts.

Intended audience

Mid-level network and security architects in companies of all sizes and verticals should find this guide helpful. A working knowledge of FortiOS, FortiClient, FortiClient EMS, and the ZTNA for Web Applications Security Fabric is helpful.

About this guide

This deployment guide describes the steps involved in deploying a specific architecture. Readers should first evaluate their environment to determine whether the architecture outlined in this guide suits them. It is advisable to review the reference architecture guides, such as the ZTNA Architecture Guide, if readers are still in the process of selecting the right architecture. See also the ZTNA Concept Guide.

This deployment guide presents one of possibly many ways to deploy the solution. It may also omit specific steps where readers must make design decisions to further configure their devices. It is recommended that readers also review supplementary material found in product administration guides, example guides, cookbooks, release notes, and other documents where appropriate on the Fortinet Document Library.

For comments and feedback, please visit Basic ZTNA Deployment on community.fortinet.com.

Previous
Next

More Links

Basic ZTNA Deployment

Deployment overview

This document provides a deployment example of ZTNA for Web Applications's Zero Trust Network Access (ZTNA), covering the following solutions:

  • ZTNA application gateway:

    • Fabric connection to FortiClient EMS

    • HTTPS access proxy for web applications

    • ZTNA IP/MAC based access control for local users accessing the web applications

    • No persistent connection, such as VPN, is necessary

Using a similar scenario and topology example from the ZTNA Architecture Guide, we will walk through deploying the core components necessary to complete the requirements above. The goal is to reduce the reliance on dial-up VPN by using ZTNA to unify remote access and local access to web applications using role-based access control concepts.

Intended audience

Mid-level network and security architects in companies of all sizes and verticals should find this guide helpful. A working knowledge of FortiOS, FortiClient, FortiClient EMS, and the ZTNA for Web Applications Security Fabric is helpful.

About this guide

This deployment guide describes the steps involved in deploying a specific architecture. Readers should first evaluate their environment to determine whether the architecture outlined in this guide suits them. It is advisable to review the reference architecture guides, such as the ZTNA Architecture Guide, if readers are still in the process of selecting the right architecture. See also the ZTNA Concept Guide.

This deployment guide presents one of possibly many ways to deploy the solution. It may also omit specific steps where readers must make design decisions to further configure their devices. It is recommended that readers also review supplementary material found in product administration guides, example guides, cookbooks, release notes, and other documents where appropriate on the Fortinet Document Library.

For comments and feedback, please visit Basic ZTNA Deployment on community.fortinet.com.

Previous
Next