Accessing agentless ZTNA applications

You can access agentless ZTNA applications from the navigation bar or from the User portal.

For the Admin user, the navigation bar displays ZTNA Application Name (example: Splunk) if the Display on Admin Portal app Launcher checkbox was selected.

For end users, accessing the protected ZTNA app is rather simple. When they are on network, they will have regular access to the app and will not need to go through the Forcepoint ONE SSE or be proxied. When a user is off network, since there is no VPN requirement, the user will need to login to the Forcepoint ONE SSE and launch the protected internal app from the app tile.

This will ensure that a user off network will not be able to access the application unless going through the Forcepoint ONE SSE. Once they click the tile, they will be routed through the ZTNA connector and proxied while accessing the app. This process allows admins to control access to internal apps granularly and apply inline DLP to those apps. Admins can configure policies to block or restrict access to internal apps based on who that user is (user/group) the device they are using (managed or unmanaged) as well as their current location.