Ziti network vs Azure on premise data gateway

This came up in conversation today, where I was unsure of how to highlight the key points of difference.

Let me know if anyone has any suggestions re pros can cons vs ziti.

Key considerations include

  • integrated identity management
  • transport layer encryption
  • end point routing
  • granular service level access

I’m not knowledgeable about Azure Data Gateway, but it doesn’t appear to be similar. Ziti can be implemented as any combination of “network access”, “host access”, or “app access”. “Gateway” implies “network access” i.e. network-zone-based access control. Azure’s summary indicates that their Data Gateway behaves like a bridge between users and Azure cloud services. It sounds like ADG is an Azure-tailored solution for zone-based access control where the only destinations are Azure cloud services. This is comparatively narrow in scope to what Ziti can do.

1 Like

Second that. My brief check is that it provides outbound bridging from customer DC to Azure. This only 1/2 of 1 of the superpowers of OpenZiti (making services dark, but only customer, not Azure DC)… none of the others is done - https://www.youtube.com/playlist?list=PLMUj_5fklasKF1oisSSuLwSzLVxuL9JbC

1 Like

Thanks for the further details.. it is very helpful.

When I talk with people, what I find is that the topic quickly gravitates to a specific thing, especially for a technical person

isn't it the same as a vpn
ADG also has only inbound calls
I can do the same with a private network

which provides a sense of confidence that its comparable.. but in fact.. they are not

One of the other issues I have realised is .. the bias to satisfice that.. our security is good enough.. so why do we need any more

getting people to realise the importance of higher levels of control around security is a big stumbling block
especially as, why would it not be good enough if we are already using the "best practices"

Then there is the overconfidence bias.. well... we are already spending so much $$$ on security.. it must be really really good and all sorted

I think this is a really important one to open up more discussion around especially for non technical people
as in their mind, higher costs is directly proportional to higher quality