Zero Trust Network Access

Provide access to your applications, not your entire network

Zero Trust Network Access is built on the principle of least-privileged access where no user or application is inherently trusted. Instead, they are provided with only the most granular access required to perform their function.

Traditionally IT security models have granted access to applications and data by implied trust - users are able to access a network and therefore they are able to access applications and data on that network, broadening the attack surface and allowing for lateral movement after a breach occurs.

The traditional method also had flaws with experience as the users had to rely on connection tools like a VPN for remote access which is both cumbersome and creates yet again another attack vector.

The Instillery is New Zealand’s leading Zscaler partner and provider of Zero Trust solutions. We believe that zero trust extends beyond users connecting to applications and identifying and controlling how applications communicate with each other, and how multi-cloud, hybrid cloud and branches integrate into this solution.

The rapid increase of Work-From-Anywhere has accelerated Zero Trust adoption, broken down misconceptions and overcame objections. We specialise in integrating zero trust into your existing network, providing roadmaps to enhance your posture over time and implementing strategies such as strict isolation for legacy network segments that are not immediately able to adopt a zero-trust posture. For others, we can help you ditch the corporate WAN altogether!

We strategically select partners based on their ability to exceed market expectations around cloud security innovation and customer experience. We’re delighted to join forces with The Instillery who are expert in their field and deliver best-of-breed solutions to their enterprise and mid-market customer base.

Scott Robertson

Vice President - Asia Pacific & Japan, Zscaler

How We Do It

Least-privilege access

Discovering your application estate and constructing a least-privilege access model creates the foundation for ZTNA.

Identity integration

SSO and provisioning through integration with IAM systems ensure a frictionless user experience.

Context-based access

Providing ZTNA more context beyond the identity of the user by validating the trustworthiness of the device they’re using or crafting policies based on the network they’re connected to.

SASE Optimised

Performance cannot be compromised with ZTNA. We optimise network integration with Zscaler’s SASE platform through design and implementation.

Application fingerprinting

Defining an application goes beyond simply a port or protocol. We create a granular application fingerprint to minimise the access users to the least degree required.

Logging & reporting

Insights and monitoring are key to refining a ZTNA architecture. Integrating with our SOC & SIEM services or your own, ZTNA provides a wealth of telemetry data.

Legacy isolation

Legacy applications don’t need to be a roadblock. Our SD-WAN service provides strict isolation for legacy applications and SASE network integration for ZTNA.

What We Offer

Assessment & discovery

If you’re just at the start of your journey, we have the most qualified consultants available to work with you to understand your current security posture and application estate.

Design & advice

A successful ZTNA implementation starts with the right design and planning process. We work with you to build a roadmap that works for your environment. As cloud experts, we look at how your network can evolve and integrate into your broader digital strategy.


We are uniquely qualified to roll out ZTNA across your users. As the only Zscaler partner in NZ qualified to fulfil professional services on their behalf, our team has been audited by Zscaler and now performs rollouts around the globe,


On the surface, it may appear that all the hard work is done upfront, however, maintaining a ZTNA posture requires ongoing expertise and focus to ensure “any-any” configurations don’t slip back in. We can also provide managed SD-WAN and SOC/SIEM services all integrated with the Zscaler Zero Trust platform.