A customer needs to implement device posture checks for their remote endpoints while accessing the protected server. They also want the TCP traffic between the remote endpoints and the protected servers to be processed by FortiGate. In this scenario, which three setups will achieve the above requirements? (Choose three answers)

A. Sync ZTNA tags from FortiSASE to FortiGate.
B. Configure ZTNA tags on FortiGate.
C. Configure FortiGate as a zero trust network access (ZTNA) access proxy.
D. Configure ZTNA servers and ZTNA policies on FortiGate.
E. Configure private access policies on FortiSASE with ZTNA.

Correct Answer: A,C,D

Brave-Dump Clients Votes

ACD 100%

Comments

Rabin Suwal 2025-06-02 19:47:13

Selected Answers: A, C, D

you never configure ZTNA tags on FGT. TAGS are creted on SASE and synced with FGT

Soroush Enayatiheris 2025-06-12 19:43:49

Selected Answers: A, C, D

Agent-based ZTNA
Zero trust network access (ZTNA) application gateways and applications are key components in the FortiSASE ZTNA solution for agent-based remote users. A ZTNA application gateway serves as a secure entry point that mediates the connection between remote users and internal ZTNA applications. A ZTNA application represents the actual application or service that remote users attempt to access. A ZTNA application can be any internal web or enterprise application, cloud service, or on-premise resource. A ZTNA application gateway acts as a reverse proxy, ensuring that only authorized and compliant users can access ZTNA applications based on security policies that the organization defines. You can configure a FortiGate to serve as the ZTNA application gateway.