San Bernardino County Employees Retirement Association
File #: 24-269    Name:
Type: Action Item
File created: 6/27/2024 In control: BOARD OF RETIREMENT
On agenda: 8/1/2024 Final action:
Title: Recommend that the Board approve an initial three-year contract for services with Palo Alto Networks for Zero Trust Network Access (ZTNA) and Secure Access Service Edge (SASE) services via a National Association of State Procurement Officials (NASPO) contract for a cost not to exceed $570,000; authorize the Chief Executive Officer to execute an agreement with Carahsoft Technology Corporation through their local reseller Netsync Network Solutions in a form approved by Chief Counsel.
Attachments: 1. Exhibit A: Netsync Proposal

FROM: Joe Michael, Chief Information Officer

SUBJECT: ZTNA and SASE Security Solutions

RECOMMENDATION:
Recommend that the Board approve an initial three-year contract for services with Palo Alto Networks for Zero Trust Network Access (ZTNA) and Secure Access Service Edge (SASE) services via a National Association of State Procurement Officials (NASPO) contract for a cost not to exceed $570,000; authorize the Chief Executive Officer to execute an agreement with Carahsoft Technology Corporation through their local reseller Netsync Network Solutions in a form approved by Chief Counsel.

BACKGROUND:
SBCERA has identified Cloud services as reliable, scalable, and fault tolerant. Cloud services allow Staff the flexibility to provide services to our Members and Employers irrespective of physical location and allow continued access to our systems and services regardless of any disruptive event. ZTNA and SASE add the necessary security layers to the Cloud services to ensure only authorized individuals and devices access our data, systems, and services regardless of where in the Cloud they may reside.

ZTNA provides secure access based on defined policies. Unlike traditional Virtual Private Networks (VPNs), which generally grant complete access to an organization's internal network or Cloud environment, ZTNA defaults to deny, providing only the access to data, systems, and services the user has been explicitly granted.

ZTNA controls access by first requiring the user to be authenticated to the ZTNA service. The ZTNA service then grants access on the user's behalf through a secure, encrypted tunnel. This provides an added layer of protection by shielding otherwise publicly visible IP addresses and connections. Additionally, the trusted access and security posture of systems connected to a ZTNA service are continuously verified, and all data is inspected to mitigate data loss, fraud, and breach. In the event any fail said inspection, the user...
