Sophos ZTNA-as-a-Service Now Available

ProductsSophos ZTNA

Launching the first of our SASE solutions: Sophos ZTNA v2 enables ZTNA-as-a-Service via the Sophos cloud and new macOS agent support for zero trust endpoints

The network product team is pleased to announce the general availability of Sophos ZTNA v2 enabling ZTNA-as-a-Service via the Sophos cloud and new macOS agent support for zero trust endpoints. This marks a significant milestone for us, being the first of our SASE (Secure Access Service Edge) solutions, paving the way for more exciting cloud-delivered security solutions in the future.

ZTNA – The Ultimate Remote Access VPN Replacement

Zero Trust Network Access (ZTNA) provides ultimate network application access, particularly for remote workers, but it works equally well both in and out of the office. ZTNA provides better security by only granting access to specific applications, easier and more scalable cloud management, and a more transparent end-user experience than remote access VPN.  ZTNA not only secures access to the applications your customers own in their on-premise data center or AWS, but can also control access to SaaS applications that support IP address access control by limiting access from their ZTNA gateway IPs.


New ZTNA-as-a-Service Cloud Gateways

This latest release of our ZTNA platform makes deployment even easier and security even stronger by utilizing lightweight gateways on the application side that establish secure encrypted connections to the Sophos cloud on port 443, eliminating any need for firewall NAT configuration. This enhances security by removing open firewall ports to the internet and by further abstracting applications that ZTNA is protecting.

With these new ZTNA gateways, the Sophos cloud now brokers the secure connections between zero trust endpoints and your customers’ applications. These new ZTNA gateways offer the same platform support as the current on-premise gateways: VMware, Hyper-V, and AWS.

In summary, with this release, there are now two options for ZTNA application gateways:

  • Cloud Gateways introduced in this release provide a new lightweight gateway deployment option that connects automatically via port 443 to the Sophos cloud at regional points of presence. This solution offers the most streamlined deployment option without requiring any firewall configuration and makes the applications more invisible and secure as a result.
  • On-Premise Gateways continue to provide a private data plane connection directly between your customers’ zero trust endpoints and applications. This solution will be best for those customers who have concerns about latency via the Sophos cloud points of presence. Current customers can switch to the new cloud gateways or continue to run these on-premise gateways or utilize the new cloud gateways in a mixed or hybrid approach.

ZTNA-as-a-Service cloud points of presence currently include:

  • Europe (Ireland and Frankfurt)
  • North America (Ohio and Oregon)
  • Asia Pacific (Mumbai and Sydney)

Your customers select their preferred cloud point of presence when setting up their ZTNA connectors in Sophos Central.


macOS Support

We are also pleased to offer Apple macOS agent support with this release. Mac users can now get the same single-agent, health-based secure access with Intercept X and Synchronized Security as Windows users.  Running agentless continues to be an option for web-based apps on all platforms including mobile devices.



ZTNA and MSP Flex – Coming Soon!

ZTNA will soon be part of the MSP Flex Program. Expect another announcement at the end of January.

Zero Trust Network Access is the perfect MSP product at the perfect time for enabling your customer’s remote workers to securely access the applications and systems they need to do their jobs. This innovative new zero trust solution will soon be part of our industry leading MSP Flex portfolio of cybersecurity products. As a Sophos MSP partner, ZTNA will further expand the portfolio of monthly billing services you can offer, all from a single cybersecurity vendor, managed from a single Central Management Platform.

Get prepared to start selling ZTNA Today.


Getting Started

These new capabilities are now included in Sophos ZTNA available on Sophos Central. Simply login to your Sophos Central account to begin taking advantage of these new capabilities.

Review the documentation and stop by the community forums to discuss the release.

If you’re new to Sophos ZTNA, learn more at