Universal ZTNA General Release
Information
Overview
Universal ZTNA integrates network, application, and device access security
within a single solution to bolster security organization wide. Establish and
maintain a consistent security policy across your network with a single solution to
manage and enforce an identity-level zero trust policy for all users. You can also
manage user networks, applications, and Internet of Things (IoT) device access
independent of the user‘s location.
Universal ZTNA combines and
enhances remote and campus access security. Remote access leverages ZTNA continuous
authentication, tunneled application sessions with direct to cloud routing. On
campus access combines ZTNA and NAC capabilities to control access to the network
and applications for headed and headless devices.
Switch Onboarding Options
Option 1 – Managed
- Supported NOSs: Switch Engine
only
- Supported Switches: 4120, 4220, 5320, 5420, 5520, 5720, x435
- Minimum NOS version: 32.6.3
- Summary: Switch configuration is fully managed by ExtremeCloud IQ. The Instant
Secure Port workflow is used to provision RADIUS/authentication and Universal ZTNA policy is provisioned via static policy.
Option 2 – Locally Managed
- Supported NOSs: Fabric Engine and
Switch Engine
- Supported Switches: 5320, 5420,
5520, 5720, 7520, 7720, x435
- Minimum NOS version: Fabric Engine 9.0.2, Switch Engine 32.6.3
- Summary: Switch is onboarded but switch configuration is managed outside of
cloud. Universal ZTNA network policy is provisioned via dACLs by RADIUS
VSAs
Firewall Considerations
Outbound access to the following IP Addresses are required in any firewall
configurations:
- 13.248.199.77
- 76.223.79.155
