Zero Trust Network Access (ZTNA) Never trust. Always verify.

A VIP guest list for secure access to work resources.
Zero Trust Network Access from Jamf protects a person using an iPhone and MacBook.

No credentials or authorization? No access.

App-specific access to devices and users that meet requirements.

ZTNA restricts access to corporate resources and ensures devices only access resources after successful user authentication and verification that the device is free from threats. Each app, service and data request also requires verification to gain access. All while ensuring data is independent from devices.

Zero trust network access means end-users such as this person using a MacBook can rest assured that their privacy is protected.

Context-aware access policies

Control user access to organizational resources and networks based on their context, like:

  • Complies with IT policy
  • Connection is encrypted
  • User's ID is confirmed

Jamf's context-aware access delivers:

  • Policies that allow or deny access based on requirement attestation
  • Granular configuration or requirements for authorizing enrolled devices
  • Always-on, low-latency secure connections enforce end-user privacy
  • Uniform policy enforcement across data centers, clouds and SaaS apps


An Advanced Guide to Identity Management and Security

Learn how identity management goes well beyond authentication and authorization as organizations look to leverage user identities as a path to reaching their zero-trust security goals.


Mobile Threat Defense for Beginners

Apple builds one of the strongest out-of-the-box secure platforms on the market, and as Apple devices and fleets increase within enterprises and organizations so do threats that target Apple devices and operating systems. Arm yourself with Jamf.

Manage risk, not infrastructure.

The benefits of using Jamf ZTNA

ZTNA keeps organizations and employees safer by providing more security measures than VPN does: multi-factor authentication, encryption, and policy-based access controls.

Using Jamf for remote access ZTNA delivers:

  • Real-time assessment of risk data that evaluates device health and ensures compromised endpoints are not accessing sensitive information

  • Cloud-based infrastructure integration without complex hardware or software to manage or expensive support contracts

  • Intelligent split-tunneling technology that preserves privacy while ensuring business connections are secure

  • Seamless reconnections after disruptions while maximizing battery and performance

An employee accesses work resources on a MacBook after presenting correct credentials on a verified device.

How do you implement ZTNA?

Jamf Connect's ZTNA, using the Wireguard VPN protocol for packet routing, can be deployed to iOS, iPadOS, Android, macOS and Windows devices with the Jamf Trust app.

ZTNA is enabled and managed through the Jamf Security Cloud portal and can be deployed alongside other Jamf security products and capabilities, such as Jamf Protect.

You'll need:

  • A third-party identity provider (IdP)
  • Jamf Trust app-installed devices
  • Jamf Security Cloud