ZTNA or Zero Trust Network Access is a set of products and services that enable access conditions to an application or set of applications based on identity and context.
Applications remain hidden from possible malicious discovery attempts and access to them is restricted, through a trusted broker, to those enabled users. The trusted broker verifies the identity, context and policy compliance of specified users before allowing access and prohibits lateral movement elsewhere on the network. This eliminates public visibility enforcement and significantly reduces the surface area for attack.
ZTNA eliminates the excessive implicit trust that often accompanies other forms of application access, such as classic VPNs.