Zero Trust Network Access for On-Premises Users

Modernize secure access to all applications for your on-premises users with ZPA Private Service Edge. Bring the power of ZTNA on-premises with least-privileged access to private apps, connecting users directly to applications.


Excessive trust of office users creates risk

Private applications are the heart of every enterprise, but your organization can be left exposed to risk if your network and security teams confer inherent trust to users sitting in your headquarters or a branch office. That’s why you need to be able to limit trust.

The challenge of providing ZTNA for office users
Network segmentation is complex

Defining segments and using internal firewalls can be complex and time-consuming, even for simple tasks.

Overprivileged access is risky

Connecting a user to a data center network leads to additional security concerns.

Your workforce requires different access levels

Your users include local and remote employees as well as third-party users.

branch office
Local users want local access

If a user at HQ needs access to an app in the local data center, it may not make sense to go out to a cloud ZTNA service.

What’s Inside

ZTNA goes local with ZPA Private Service Edge

ztna goes local with private service edge

Zero trust network access (ZTNA) services provide secure access to internal applications based on user-to-hostname policies, but many services are limited to your remote users.

Zscaler Private Access™ (ZPA™), our cloud-delivered ZTNA service, can be extended to your data center or public cloud edge with ZPA Private Service Edge.

ZPA Private Service Edge is a simpler way to enable secure access to private apps, with an identical experience whether users are local or remote, accessing apps in your data center or the cloud.

What ZPA Private Service Edge means for you
Simplified segmentation

Move away from “source-IP-to-destination-IP” firewall rules in favor of “user-to-hostname” policies.

Protection for private apps

Create one-to-one connections between an authorized user and a specific private app to minimize lateral movement.

cloud down
Streamlined compliance

Comply with any regulations that prevent the use of cloud-hosted technology.

user experience
Fast user experience

Seamlessly connect users through the local ZTNA service, optimizing performance.


Nicholas Pandola

Global Dir. of Information Security, Trinseo
“[With ZPA Private Service Edge,] we could extend the zero trust access capabilities of the public ZPA cloud with software that can run in our own network. We’re now able to better protect our business-critical private apps, and deliver the best user experience possible.”

ZPA Lets You Return to Office with Confidence

Learn from experts how to combat risk and secure local connections for evolved application access, anywhere, with ZTNA.

dots pattern

Schedule a custom demo

Let our specialists show you how ZPA can quickly and securely transform your operations with zero trust network access.