Guides
Secure Access Help Center

Requirements for Zero Trust Access

Resource requirements for client-based zero trust access

Resources that you want users to reach using zero trust access must meet the following requirements:

  • Does not serve client-to-client traffic. Example: Peer-to-peer Voice over IP (VoIP)
  • Does not serve server-to-client traffic. Example: Remote assistance
  • Does not require a unique client IP address. Example: applications that use the SMBv1 protocol
  • Does not require SRV DNS records. Examples: Active Directory, Kerberos, SCCM
  • Does not perform an ICMP connectivity check before connecting using TCP or UDP
  • Does not have any dependencies that have any of the above constraints
  • All of the resource's dependencies must be also be defined as private resources with client-based zero trust access enabled.

Resource requirements for browser-based zero trust access

  • The certificate on the resource must be signed by a publicly recognized certificate authority (CA).

Comparison of Client-Based and Browser-Based Zero Trust Connections< Requirements for Zero Trust Access > Network Authentication for Zero Trust Access

Updated 7 months ago