Use Case #1 - User logging in from an unknown device

In VPN once the user is authenticated, they will be granted full access to the corporate network, regardless of the device they are using.

In ZTNA, the user will be prompted to complete additional security measures, such as multi-factor authentication or device registration, before being granted access to specific applications or resources.

Use Case #2 User accessing a sensitive application from a public Wi-Fi network

In VPN, the user's traffic will be encrypted and tunneled to the corporate network, but there is still a risk that the public Wi-Fi network could be compromised and the user's data could be intercepted.

In ZTNA, the user will be required to complete additional security measures, such as risk assessment(cyber attack, man-in-the-middle attack, malicious software, rouge access point), before being granted access to the application. This helps to ensure that only authorized and secure devices are accessing sensitive resources.

Use Case #3 User accessing a restricted application from an unapproved location

In VPN, once the user is authenticated, they can access any application or resource on the corporate network, regardless of their physical location.

In ZTNA, the user will be denied access to the application unless they connect from an approved location.

Use Case #4 User attempting to access a resource outside of authorized business hours

In ZTNA the user's access to resources may be restricted based on the organization's policies and rules around business hours and remote access.

In VPN, once the user is authenticated, they will have access to resources on the corporate network at any time, even outside of normal business hours.