Gartner: Zero Trust Will Replace Your VPN by 2025

Gartner study finds that zero trust network access is the security framework of the future and will replace virtual private networks by 2025.

Sandra MacGregor, Contributor

October 19, 2022

4 Min Read
3D illustration of a blue network with icons and the text zero trust written on the front. Black background. Concept of secured network.
Olivier Le Moal / Alamy Stock Photo

Zero Trust Network Access (ZTNA) is the fastest-growing segment in network security and is forecast to grow 31% in 2023, according to a Gartner study. The research firm notes that this is up from less than 10% at the end of 2021. 

The zero trust framework continues to gain interest in the data center industry due to the acceleration of the demand for “work from anywhere” network access fueled by the coronavirus pandemic.

The growth will continue as organizations become familiar with ZTNA and elect to deploy it for office workers as well. Gartner predicts that the transition from virtual private networks (VPNs) to zero-trust network access will continue, so that by 2025 at least 70% of new remote access deployments will rely on ZTNA rather than VPN services.

AFCOM, the professional association for data center and IT professionals, recently asked members about zero trust security models and interest in the framework increased from 56% in 2021 to 79% in 2022’s survey.

Zero Trust AFCOM Stats 2022.png

Zero Trust AFCOM Stats 2022

What’s Important to Know About Zero Trust

With the rise in remote work and the continuing threat of cyber attacks, companies are constantly searching for better security frameworks. A zero-trust network is a blanket term that simply means that a business (especially those that house sensitive information like data centers) adopts a stringent, multi-tiered approach to network security that assumes no user is automatically trustworthy.

Related:Report: Cloud Security Breaches Surpass On-Prem Ones for the First Time

This rigorous “trust no one” security framework requires that all users, whether they are inside or outside of a business’s network, must be continuously validated using multiple authentication methods, and even lateral moves within a network must be continuously reassessed and reauthorized.

Related: Download our free report, Zero Trust and the Modern Enterprise

Rik Turner, senior principal analyst at Omdia, agrees that zero-trust network access is the next evolution in security. “Omdia calls it simply ZTA because we think Gartner got it wrong, in that the modern remote access paradigm is no longer about requesting access to a network (so no need for the ‘N’), as was the case with VPNs in the old world. Rather, remote users are requesting access to applications, regardless of which network(s) they traverse to get to them. Indeed, nine times out of 10 they don’t actually know which networks they’ll be crossing to get there.”

Though Turner does believe ZTA is the future of cyber security, he’s more cautious about the timeline. “Now, whether Gartner’s stats are correct or not remains to be seen, though the report is only talking about new remote access deployments, so maybe the 70% figure is right. The global VPN market is anywhere from $25 billion to $40 billion a year, depending on how you slice and dice it and whether you consider service provider-managed VPNs or not, so it’s going to take a while for ZTA to eat a huge slice of the VPN pie, but that is definitely the trend going forward.”

It's worth noting that in 2021 President Joe Biden made zero trust a key element of his executive order to modernize and harden US cybersecurity positioning, stating that “To keep pace with today’s dynamic and increasingly sophisticated cyber threat environment, the Federal Government must …adopt security best practices; advance toward Zero Trust Architecture…”

Implementing a Zero Trust Framework

Turner highlights three key reasons he believes zero trust access will overtake VPNs as the preferred security strategy for the cloud era.

  • VPNs are less secure, as evidenced by the frequent stories of different VPNs being breached.

  • VPNs, if self-managed rather than from a service provider, are less efficient in their use of corporate bandwidth, because they require traffic to go through a VPN concentrator in the corporate data center, even if the app being access is in the cloud (a phenomenon variously known as hairpinning or tromboning).

  • These days ZTA is bundled into both SASE and SSE offerings, which helps push more into the market.

It’s important for companies interested in exploring ZTNA to understand that the zero-trust approach is as much a way of thinking as it is a concrete security strategy

“A ZT framework is a much broader undertaking than just deploying ZTA, and in a sense, ZTA may be a useful on-ramp,” says Turner. “ZT is essentially a mindset regarding cybersecurity and perhaps the easiest way to approach it is to see which parts of your business stand to gain most from the introduction of a ‘Never Trust, Always Verify, and Continuously Monitor’ mantra.”


About the Author(s)

Sandra MacGregor


Sandra MacGregor is a Canadian writer with a keen interest in technology, travel, and finance. Her fascination with tech stems from its transformative power and its role in shaping our future. Sandra's diverse background includes a law degree, which has honed her analytical skills and deepened her appreciation for the complexities of the digital world.

Subscribe to the Data Center Knowledge Newsletter
Get analysis and expert insight on the latest in data center business and technology delivered to your inbox daily.

You May Also Like