Zero trust, Cloud migration, Cloud Security

Netskope Expands Universal ZTNA to Cover Every User and Device, Anywhere

Zero Trust - Zero Trust Network - Zero Trust Architecture - ZTA

Enterprises are hitting a point where old access models just don’t hold up. VPNs, NACs, and virtual desktops were built for a different era, one where users were mostly on the corporate network and devices were predictable. That world’s gone. Today’s environments are scattered across clouds, branches, and factory floors, connecting everything from laptops to industrial sensors. Netskope’s latest update to its Universal Zero Trust Network Access (UZTNA) solution platform is built for exactly that reality, giving organizations one framework to secure every user and device, managed or not, without relying on a patchwork of tools.

Evolving Beyond Legacy Access Models

The transition from legacy access tools to zero-trust frameworks has long been more aspirational than achievable for many enterprises. Migrations can be slow, costly, and disruptive, especially when organizations must support both modern and legacy applications. Netskope’s approach with UZTNA is designed to make that transition pragmatic rather than painful.

Robert Arandjelovic, Senior Director of Global Solution Strategy at Netskope, told ChannelE2E that the platform’s flexibility is what sets it apart. “Universal ZTNA uniquely enables organizations to migrate at their own pace while improving their security and user experience,” he explained. “VPN replacement is often the first step, but Universal ZTNA provides a consistent platform for extending migrations across NAC, VDI, or PAM. Some organizations will choose to replace these systems entirely, while others will complement them, for instance, by using ZTNA for modern browser-based apps while retaining VDI for older desktop-based tools.”

That balance between modernization and continuity is key. Netskope’s Device Intelligence capabilities can be introduced incrementally, giving teams visibility into unmanaged devices and IoT networks without forcing a wholesale infrastructure overhaul. Arandjelovic noted that Device Intelligence can be deployed at any point in the journey, extending security coverage to OT environments and helping enterprises gain control over devices that were previously invisible to IT.

Expanding Zero Trust to Every Device

Netskope’s new Device Intelligence technology extends UZTNA to IoT and OT devices that can’t run traditional endpoint agents, such as industrial robots, medical equipment, and connected sensors. The 5G Netskope One Gateway automatically discovers, classifies, and assesses these devices to understand posture, risk, and role within the network. With that data, security teams can apply adaptive access policies that reflect real-time conditions instead of static assumptions.

Device Intelligence also integrates with third-party network access control systems to deliver a more complete view of east-west traffic inside the network. Combined with the firewall and SSE capabilities built into Netskope One, this creates a continuous zero-trust enforcement layer that operates consistently across all environments.

Arandjelovic described Netskope’s approach as fundamentally more holistic than competitors’ point solutions. “The context-awareness Netskope delivers is differentiated by the breadth and depth of insight it provides,” he said. “Organizations gain visibility into characteristics like application instance, user behavior, and data sensitivity that others simply can’t match. This translates into precise, granular access policies applied across web, SaaS, and private apps, regardless of where the user or device is.”

That same depth of context also informs how Netskope discovers, evaluates, and secures unmanaged or agentless devices. “We enable discovery, risk assessment, and policy enforcement for IoT and OT assets that can’t host an agent,” he added, “closing a visibility gap that most ZTNA and SSE tools still struggle to address.”

Policy Automation with Human Oversight

Another major component of the update is the integration of Netskope One Copilot, an AI-driven assistant for automating policy management and optimization. Copilot continuously discovers applications, recommends granular policies, and audits configurations to help administrators streamline ZTNA deployment while maintaining compliance.

But while AI brings automation, Netskope has taken care to preserve transparency and administrator control. Arandjelovic emphasized that every recommendation Copilot makes is designed to inform, not replace, human judgment. “Copilot helps address the complexity that traditional ZTNA solutions have introduced through overly broad access rules and policy sprawl,” he said. “But in recognition of compliance and control concerns, Copilot only makes recommendations, and every one includes a detailed explanation so administrators understand and justify each proposed change.”

He added that no policies are automatically applied without review, underscoring the balance between AI assistance and governance rigor. This design gives administrators both the efficiency of automation and the confidence that comes from clear, explainable decisions.

Unlocking New Opportunities for MSPs and MSSPs

Netskope’s Universal ZTNA also creates new service models for managed security providers (MSPs and MSSPs) supporting hybrid enterprises. By consolidating access, policy, and visibility under one platform, partners can scale secure access services without adding operational complexity.

“Our MSP and MSSP partners are using Universal ZTNA to help customers replace or supplement legacy infrastructure at their own pace,” said Arandjelovic. “They can assess the maturity of each customer’s VPN, NAC, or VDI investments and determine whether to integrate, replace, or complement those systems. Device Intelligence, in particular, allows partners to deploy visibility and control across IT, OT, and IoT networks through the Netskope One Gateway.”

This unified foundation simplifies management for service providers while expanding what they can offer, from secure remote access to IoT risk monitoring and zero trust segmentation, all through the same policy engine and console.

An In-Depth Guide to Cloud Security

Get essential knowledge and practical strategies to fortify your cloud security.
Suparna Chawla Bhasin

Suparna is the Senior Managing Editor for CyberRisk Alliance’s Channel Brands, including MSSP Alert and ChannelE2E. She manages content development, sharpens editorial workflows, and ensures storytelling is tightly aligned with audience needs. With a background in technology, media, and education, she combines strategic insight with creative execution.

You can skip this ad in 5 seconds