Zero Trust Network Access (ZTNA) with FortiGate: The P J Networks Approach for a Secure India

Outside the Great Wall: By 2025, Why India Requires Zero Trust

Hell in 1993 when I started as a network admin, the internet wasn’t really a thing yet – we were just starting to get voice and data over pstn muxes without everything blowing up. Fast forward to 2025, and India’s digital scene has transformed into something unrecognizable. But the kicker is—our traditional perimeter defenses? They’re not enough anymore.

In fact, trusting trust inside a corporate network? That’s your weakest link. We have remote work, cloud apps, BYOD, a cyber threat landscape that changes at the speed of light and, a younger, new generation of workers, who often lack the cybersecurity literacy the seasoned employees have., trust by default is a luxury Indian enterprises can ill afford. And, aha! If you think a mere VPN — never mind firewalls and traffic consolidation — is going to cover it, you’re so living in the past.

What is ZTNA? (Trust nothing, verify everything)

ZTNA is not only one of those snazzy buzzwords you hear getting thrown around at conferences like DefCon (where I just returned from the hardware hacking village btw and very inspiring work being done there). It’s a security architecture that turns the old model on its head.

Rather than pitting trusted insiders against untrusted outsiders, ZTNA says trust but verify everyone and everything every time. Access is no longer determined per location / device in the network. It’s dynamic, contextual and granular. That is, you don’t just check who you are once at the gateway — you continually authenticate and check authorization.

Here’s the thing about ZTNA:

  • Users are given access solely to specific applications or services they require, not the whole network.
  • Ongoing validation is considered which includes device health, user roles, threat scores, and locations.
  • The attack surface is largely reduced because there is little lateral movement within the network.

Sounds complicated? Yes, but it’s been possible with modern tools.

The Power of ZTNA Comes from FortiGate

I’m old enough to have been around when firewalls were pretty much just big, dumb packet filters. Now? FortiGate firewalls are heavyweights that play well in a Zero Trust environment. They are not only gatekeepers but rather smart, nimble enforcers of policy.

We love FortiGate at P J Networks simply because it is not the same as sticking each and every user in a room behind a large door. Instead:

  • FortiGate allows you to, apply different access policies to system and app processes based on where they are from, and the device they are using.
  • It’s well integrated with multi-factor authentication (MFA), with endpoint detection, and even cloud workloads, so user and device posture is checked.
  • Network segmentation within FortiGate is easy—so you can isolate east-west traffic to stop lateral movement.
  • The firewalls seamlessly span on-prem, cloud and remote users — crucial in India’s hybrid work setup.

I recently helped three of India’s largest banks modernize their zero-trust architectures with the help of FortiGate, and-let me tell you-the move from implicit trust to making trust a strictly enforced privilege was a game changer. The banks experienced tighter control, fewer insider threats and better audit trails.

Primary Benefit: Attack Surface Minimization, Tight Coarse Grained Control, Compliance advantage

But ZTNA isn’t security for security’s sake—it has considerable business benefits that Indian orgs’ must consider. Here’s what we see:

  • Reduced attack surface. Users see only what they have to see, and if credentials are compromised, attackers are not awarded control of the entire kingdom.
  • Granular access controls. You can apply the principle of least privilege at the application level – no more open internal networks.
  • Improved compliance. India’s data security and privacy laws are getting stricter every year. ZTNA aids in meeting stringent audit requirements with rich logs and complete session visibility.

Quick Take

  • Perimeters are dead. Trust nothing!
  • ZTNA gets context with FortiGate firewalls.
  • You don’t have to rip everything out to start with ZTNA (modular approach).
  • P J Networks is the expert in customizing such solutions to India’s unique position.

P J Networks: How to Apply Practical ZTNA Concepts

This is where my team and I at Menlo are excited – because ZTNA can be complicated. And no one desires a generic one-size-fits-all patch job. That’s why we assist Indian companies — in areas such as banking, and manufacturing & logistics — to map out realistic ZTNA deployments.

Our approach:

  1. Assessment first. Getting to know what’s out there — networks, cloud apps, remote users, IoT devices, you name it.
  2. Build around FortiGate instead. Using capabilities including user identity inclusion, microsegmentation and device posture checks.
  3. Phased rollout. We will stagger deployments, to reduce the operational ‘blast radius’ and while we educate teams on new workflows.
  4. Always on and always adapting. ZTNA isn’t a set-and-forget. We use our analytics to adjust policies as threats change.

As of now we have the second bank (just can’t believe how they were completely dumbfounded how some people used to only use a VPN and did not understand that it was a ticking time bomb) where we rolled out FGTs ZTNA. The result? Unauthorised access incidents cut by more than 50% in the first quarter.

Protect your Apps and Data – Everywhere

India’s digital universe isn’t sitting still. As users increasingly use apps at home, on the go and through third-party networks, the flexibility to access apps securely is a must-have.

With FortiGate enabled ZTNA you can:

  • Enable securely connecting employees, partners, and contractors from any location, with any device.
  • Secure legacy applications with modern SaaS—filling the gap that many companies find challenging.

Consistency – Adopt policies that are consistent with the requirements of Indian IT Act and upcoming privacy laws876.10.7.4 Conformity to law- Policy should conform to all legal and regulatory requirements (such as Indian IT Act) related to information security and privacy.

Here’s a good analogy for you- consider ZTNA akin to driving a high performing car. You don’t switch on the ignition, floor the gas pedal and forget it; you gaze in your mirrors, regulate the speed, signal a turn and engage brakes — all the time. Same with Zero Trust: secure in motion.

And passwords? Don’t get me started. Continue to encounter organizations with password policies that would make a hacker giggle. ZTNA doesn’t mean that passwords disappear but that far stronger authentication and behavioral analytics are required.

Wrapping Up

ZTNA isn’t just a buzzword or theoretical idea that Silicon Valley sales types talk about on whiteboards. It offers the frontline defense Indian organizations must employ — today.

At P J Networks Pvt Ltd, we combine experience that stretches over decades—from the darkest early days of the Slammer worm to the most modern FortiGate deployments—to help you get from where you are now to where you want to be. Because ultimately, it is about trust. Or better yet — trust no one, confirm everything.

And if you reach me after the third coffee, brace yourself for a deep-dive on why ZTNA is the future, why VPNs are yesterday’s news and what India really needs to combat hackers. Spoiler: It’s not complicated when you have the right framework — and FortiGate is that framework like no other.

Leave a Reply

Your email address will not be published. Required fields are marked *

This field is required.

This field is required.

sales@pjnetworks.com
(+91)9818361787
C-160 Mayapuri Ph II
Copyright © 2025 PJ Networks: Innovative Networking & Cybersecurity Experts, All Rights Reserved.