Best Zero Trust Security Solutions for 2022

Zero trust security is a concept that’s been around for several years, but it may finally be starting to gain traction as a technology product. The problem is that zero trust can mean different things to different people – and not all vendors take the same approach. But buyers are beginning to express interest, and a number of security vendors have assembled some interesting approaches to zero trust security.

What is zero trust security?

Even analysts don’t entirely agree on what zero trust security is.

Gartner calls it zero trust network access (ZTNA) and sees ZTNA as something of a fine-grained approach to network access control (NAC), identity access management (IAM) and privilege access management (PAM) – and at least an adjunct to, if not a replacement for, VPNs and DMZ architectures. Users are granted access only to the data and applications they need rather than the entire network, reducing the risk of lateral movement on the network, and device security and behavior monitoring controls can further restrict access.

As Gartner analyst Steve Riley puts it, “Identity is the new perimeter.” He sees services taking a substantial early lead over standalone solutions and says that while it’s too soon for a zero trust Magic Quadrant, the analyst firm will have more to share on customer experiences in 2021.

Forrester – which coined the term zero trust 10 years ago – takes a broader approach. The Forrester Wave report covers “Zero Trust eXtended Ecosystem Platforms,” or ZTX for short. The firm urges microsegmentation at the identity, network or device level, along with policy enforcement and advanced identity management.

What the two approaches have in common is that current security technologies grant too much access, and that refined controls could improve network and application security.

We’ll take a look at both approaches and some others in this top zero trust vendors piece. While it’s too soon to declare winners, a number of vendors have pieced together strong approaches. We looked at nearly 40 vendors in developing this list, so we’ll focus on eight of the more interesting solutions, from the simple to the complex, and list some other promising ones after that.

Top zero trust solutions

1 Twingate

Visit website

Twingate helps fast-growing companies easily implement a secure Zero Trust Network Access solution without compromising on usability or performance. Twingate's secure access platform replaces legacy VPNs with a modern Identity-First Networking solution that combines enterprise-grade security with a consumer-grade user experience. It can be set up in less than 15 minutes and works with all major cloud providers and identity providers. We believe that "Work from Anywhere" should just work.

Learn more about Twingate

2 Heimdal Security

Visit website

A PAM solution that gives system administrators complete visibility into each endpoint’s access privileges. With this convenient setup, admins are able to view user requests, check request history, block elevations, and approve or decline escalation requests on the go from either the dashboard or mobile app. Enable Zero-trust execution or revoke local admin rights with a simple click. This effectively stops malicious insider threats from taking over your network and boosts your security.

Learn more about Heimdal Security

3 ManageEngine AD360

Visit website

ManageEngine AD360 is an integrated identity and access management solution that assists organizations to manage and secure user identities, facilitate identity governance, and ensure compliance. It provides in-depth access management for Microsoft Active Directory, M 365, G Suite, and other target systems, and gives an edge over native tools. Its key capabilities include authentication, auditing, user behavior analytics (UBA), multi-factor authentication (MFA), and single sign-on (SSO).

Learn more about ManageEngine AD360

Jump ahead to:

Cisco Systems

Key takeaway: With a strong offering spanning access management and segmentation, Cisco customers in particular have reason to look closely at the networking giant’s zero trust solutions. cisco

Cisco’s acquisition of access management leader Duo has solidified its zero trust approach. Combined with the networking giant’s Tetration microsegmentation technology and SD-Access policy and network access solution, Cisco is becoming an early leader in the zero trust security market. That’s especially good news for Cisco customers, who will have an easier time with implementation with all the pieces integrated. Duo users have been particularly happy, so if Cisco can maintain that product satisfaction it could have a winner on its hands.


Key takeaway: Illumio goes beyond zero trust to fill a number of security needs, and automation and management features might even give it SMB appeal. illumio

Illumio’s workload and endpoint security platforms fit nicely into the zero trust space, and with its microsegmentation and whitelisting abilities, the company says it can even prevent the spread of ransomware. Users are happy with everything from product capabilities to pricing. With capabilities that span vulnerability management, microsegmentation, network visibility and encryption, Illumio has put together a strong security offering in general. Good automation and management features give Illumio’s Adaptive Security Platform broad appeal.

Palo Alto Networks

Key takeaway: Palo Alto combines strong security with recent acquisitions to emerge as a zero trust player. paloalto

Palo Alto Networks is one vendor that’s not afraid of independent security tests, and the results across gateways, firewalls, intrusion prevention systems and endpoints have been impressive. With the recent acquisitions of Twistlock, RedLock, PureSec and CloudGenix, Palo Alto’s security offerings now extend into the cloud, containers and SD-WAN. Integrating all that may take some work, but Palo Alto is becoming a vendor to be reckoned with in zero trust security. CloudGenix users in particular seem wildly happy.


Key takeaway: Akamai has leveraged its CDN technology and internal security work to emerge as a zero trust leader. akamai

Akamai has leveraged its dominant position in edge data and content delivery into an impressive security platform, with zero trust at the center of that approach. Identity and application access, single sign-on with multi-factor authentication, and threat and DDoS protection are some of the ways Akamai cloaks and protects applications while accelerating performance. Much like Google’s BeyondCorp, Akamai’s Identity Aware Proxy architecture began as an internal security effort.


Key takeaway: Looking for an easy way to implement zero trust? Okta should be on your list. okta

Seeing Okta on this list should come as no surprise, as the company has long been a leader in access management, authentication and single sign-on. It also shouldn’t come as a surprise that Okta is strongest in identity and access management. With a simple and easy-to-manage approach, Okta offers users a way to implement zero trust without a lot of complexity.


Key takeaway: This is SO not your father’s mainframe vendor. unisys

For a vendor that started out in mainframes, Unisys Stealth is one of the coolest zero trust approaches on the market, leveraging the company’s work in high-security government agencies to create a platform that includes what Forrester called “one of the few real applications of actual machine learning that we’ve seen in production in any security analytics or automation system.” The Stealth software suite offers visibility, microsegmentation, identity, cloud and mobile support, and services. If you have high security requirements, you need to take a look at Unisys.


Key takeaway: The vendor known for one-stop shopping takes the same approach to zero trust.

Symantec, now part of Broadcom, has assembled a comprehensive portfolio of zero trust offerings: symantec

Symantec positions Secure Access Cloud as a replacement for VPNs. It uses a software-defined perimeter approach to cloak data center resources, isolating them from end users and the internet and removing the network as an attack surface. And Symantec ties it all together and automates it through its Integrated Cyber Defense Platform, making the vendor a good choice for those who want one-stop shopping.

AppGate SDP

Key takeaway: Positive user experience and an innovative approach to zero trust makes AppGate one to watch. appgate

AppGate SDP – part of Cyxtera’s cybersecurity business that was spun out last year into a separate company – is another software-defined perimeter product aimed at replacing legacy VPN systems. There’s not a lot of user feedback on AppGate SDP, but what there is is uniformly positive. Users say the product is innovative and offers very granular access control and supports multi-cloud environments. Support is responsive but a couple say the management interface can be difficult to use. Best for those looking to isolate specific environments and aren’t afraid of a leading-edge product. The product’s ability to dynamically adapt to risk is a plus too.

Other noteworthy zero trust vendors

With so many security vendors going after the zero trust market, mergers and acquisitions are likely. Indeed, just in the last week, Check Point Software acquired Israeli zero trust startup Odo Security, and Fortinet acquired OPAQ Networks in July.

Other vendors taking noteworthy approaches to zero trust include:

  • Google (BeyondCorp, Cloud IAP, Context-Aware Access)
  • Microsoft (Azure AD and Web Application Proxy)
  • Proofpoint
  • Check Point
  • Forcepoint
  • Forescout
  • Fortinet
  • Guardicore
  • BlackBerry
  • MobileIron
  • Netskope
  • Zscaler
  • Pulse Secure
  • Perimeter 81
  • NetFoundry
  • Citrix
  • Cato Networks
  • Cloudflare
  • Wandera
  • BlackRidge
Paul Shread
Paul Shread
eSecurityPlanet Editor Paul Shread has covered nearly every aspect of enterprise technology in his 20+ years in IT journalism, including award-winning articles on endpoint security and virtual data centers. He wrote a column on small business technology for, and covered financial markets for 10 years, from the dot-com boom and bust to the 2007-2009 financial crisis. He holds a market analyst certification.

Top Products

Related articles