# Zero Trust Network Access (ZTNA)

{% hint style="warning" %}
For ZTNA to work properly on the Digibee Integration Platform, certain settings are required. Take a look at the [requirements documentation](https://docs.digibee.com/documentation/developer-guide/connectivity-management/ztna/prerequisites-ztna) for more details.
{% endhint %}

## How ZTNA works

### Concepts

To understand how ZTNA works in the Digibee Integration Platform, you need to be familiar with the following concepts:

* **Edge Router:** verifies who is allowed to access your internal network, applies security rules, and helps divide the network into smaller, secure sections.
* **Fabric:** connects all the parts of your network together, ensuring they work smoothly and securely. It enforces security policies in the network, regardless of the location of users or devices.
* **MTLS (Mutual TLS)**: mTLS simplifies operations by ensuring only verified users or devices can access the network, reducing the chance of attacks. It ensures that both sides of a connection are authenticated before they communicate.&#x20;

The integration of ZTNA, Edge Routers, and smart routing solutions creates a network that guarantees both security and high performance. The diagram below illustrates how ZTNA operates within the Platform:

<figure><img src="https://content.gitbook.com/content/jvO5S91EQURCEhbZOuuZ/blobs/mi2NeKtdT132DAIFjQsI/ztna_architecture.jfif" alt=""><figcaption><p>Diagram representing the ZTNA architecture at Digibee Integration Platform</p></figcaption></figure>

## First steps

To set up your ZTNA connection for the first time, follow the steps below:

1. [Create an Edge Router](https://docs.digibee.com/documentation/developer-guide/connectivity-management/ztna/new-connections) in the Digibee Integration Platform.
2. Create a Virtual Machine (VM) instance using the Edge Router image within your infrastructure.
3. Use a [Registration Key ](https://docs.digibee.com/documentation/developer-guide/connectivity-management/ztna/new-keys)provided in the Digibee Integration Platform to register the Edge Router instance created in the previous step.
4. Set up your Endpoints in the Digibee Integration Platform.

From this initial configuration, your ZTNA connections will be automatically associated with Digibee's infrastructure.

### Inverse Flow

**Inverse Flow** in the Digibee Integration Platform allows you to execute calls from your infrastructure to internal pipelines within the Platform using ZTNA.&#x20;

If your integration requires the use of Inverse Flow, please contact the Support team to request the activation of this configuration. You must provide your Edge Router details for registration:

* The IP or DNS of the Edge Router you have configured in your infrastructure.&#x20;
* The port to send traffic to.

## How to use ZTNA

With ZTNA, you can configure safe connections between different parts of the network independently, without needing assistance from the Support team. This provides greater flexibility and agility when configuring secure network environments.

Check the documentation below to learn how to set up your ZTNA connections and routes.

### Connections (Edge Routers)

* [How to view connections](https://docs.digibee.com/documentation/developer-guide/connectivity-management/ztna/view-connections)
* [How to add new connections](https://docs.digibee.com/documentation/developer-guide/connectivity-management/ztna/new-connections)
* [How to delete connections](https://docs.digibee.com/documentation/developer-guide/connectivity-management/ztna/delete-connections)

### Routes (Network mapping)

* [How to view routes](https://docs.digibee.com/documentation/developer-guide/connectivity-management/ztna/view-routes)
* [How to add new routes](https://docs.digibee.com/documentation/developer-guide/connectivity-management/ztna/new-routes)
* [How to edit routes](https://docs.digibee.com/documentation/developer-guide/connectivity-management/ztna/edit-routes)
* [How to delete routes](https://docs.digibee.com/documentation/developer-guide/connectivity-management/ztna/delete-routes)
* [How to add routes in batch for ZTNA](https://docs.digibee.com/documentation/developer-guide/connectivity-management/ztna/routes-batch)

### ZTNA configurations and operations

* [How to generate new keys](https://docs.digibee.com/documentation/developer-guide/connectivity-management/ztna/new-keys)
* [How to change the environment](https://docs.digibee.com/documentation/developer-guide/connectivity-management/ztna/change-env)