By NHI Mgmt Group Editorial TeamPublished 2026-06-03Domain: Governance & RiskSource: Appgate

TL;DR: Cloud-routed ZTNA and SASE models that depend on a vendor-operated cloud broker keep the broker publicly reachable, which expands shared exposure and broadens the blast radius of a single flaw, according to Appgate. Direct-routed, customer-boundary enforcement changes the identity and access risk calculation by reducing discoverability and shared-service exposure.


At a glance

What this is: This is an analysis of cloud-routed ZTNA exposure and why shared broker architectures create unnecessary risk for federal access control.

Why it matters: It matters because IAM, PAM, and network access teams need to decide whether access enforcement should sit inside their boundary or in a shared cloud path that enlarges attack surface.

👉 Read Appgate's analysis of cloud-routed ZTNA exposure and direct-routed access


Context

Cloud-routed ZTNA changes the exposure model for identity-controlled access by placing a vendor-operated broker in the traffic path and keeping that broker publicly reachable. For federal environments, the issue is not only convenience or performance. It is whether the access plane itself becomes a shared target that enlarges the attack surface before policy is even evaluated.

The identity governance problem is straightforward: when enforcement sits in a multi-tenant cloud service, the blast radius of a flaw is no longer confined to one customer boundary. That matters for NHI, human IAM, and privileged access programmes alike because access architecture determines how much damage a single bypass, remote code execution flaw, or outage can create.


Key questions

Q: How should security teams reduce exposure in cloud-routed ZTNA architectures?

A: Start by identifying every cloud broker, relay, and control endpoint that sits in the access path. Then decide whether those components are acceptable public targets or whether enforcement should move inside the customer boundary. The goal is to reduce the number of shared, internet-reachable control points that can widen blast radius if a flaw appears.

Q: Why do shared ZTNA brokers increase risk for federal and regulated environments?

A: Shared brokers create a common failure domain. If one authentication bypass, remote code execution issue, or denial-of-service flaw affects the broker, many tenants inherit the exposure at once. Federal and regulated environments care about that shared blast radius because mission uptime, isolation, and accountability are all degraded when enforcement is centralized in a public service.

Q: What breaks when access enforcement depends on a publicly reachable broker?

A: The main break is the assumption that the access layer is a private control boundary. A publicly reachable broker can be scanned, stressed, and exploited before policy enforcement even begins. That undermines Zero Trust designs that assume the enforcement point is as protected as the protected resource.

Q: Who is accountable when a cloud-routed access broker fails or is compromised?

A: Accountability remains with the organisation that chose the architecture, even when the service is operated by a vendor. Teams need clear ownership for availability, incident response, change control, and exposure review. If the enforcement point is shared, accountability for the business impact cannot be outsourced along with the traffic path.


Technical breakdown

Why cloud-routed ZTNA enlarges the access plane

Cloud-routed ZTNA and SASE place the policy decision point or traffic broker in a public, vendor-operated service. That means the service must stay reachable to broker sessions, which also makes it a standing discovery target. In practical terms, the access plane is no longer just a control boundary. It becomes an externally exposed dependency with shared tenancy, shared failure modes, and a wider exploit window when authentication bypass or remote code execution appears in the broker layer.

Practical implication: Treat cloud-broker reachability as an exposure decision, not only a connectivity choice.

How direct-routed access changes visibility and blast radius

Direct-routed ZTNA keeps enforcement inside the customer boundary and removes the need for traffic to transit a shared vendor cloud broker. When combined with cloaking techniques such as Single Packet Authorization, the gateway is not fully advertised to unauthorized scanners until a valid authorization packet arrives. That reduces automated discovery, limits opportunistic targeting, and keeps compromise impact closer to the customer-controlled environment rather than a multi-tenant service front door.

Practical implication: Evaluate whether hidden enforcement points can reduce your externally visible attack surface without weakening policy enforcement.

Microsegmentation and context-aware policy still matter

Changing the transport path does not replace identity policy. AppGate’s model still relies on adaptive decisions based on identity, device, and context, plus segment-of-one access to reduce lateral movement. The difference is architectural: microsegmentation and contextual access work better when they are enforced closer to the resource and not mediated through a shared broker. In Zero Trust terms, the access decision is only as strong as the path and exposure model that carries it.

Practical implication: Pair path reduction with least-privilege segmentation and context signals rather than treating them as separate controls.


NHI Mgmt Group analysis

Cloud-broker exposure is now an identity governance problem, not just a network design trade-off. When access enforcement depends on a publicly reachable, multi-tenant broker, the control plane itself becomes part of the threat surface. That changes how teams should think about trust boundaries, because an access layer that can be scanned and attacked at scale behaves more like shared infrastructure than private enforcement. Practitioners should treat broker exposure as a governance decision with identity consequences.

Shared access infrastructure creates shared blast radius. A single vulnerability in a vendor-operated broker can affect many customers because the enforcement path is common. That is structurally different from a customer-boundary model where compromise is more contained. For IAM and PAM leaders, the meaningful question is not whether access is remote, but whether enforcement is tenant-isolated or shared across a public service. Practitioners should re-evaluate where their highest-risk access decisions are actually enforced.

Cloaking changes attacker economics by shrinking discoverability. If a gateway is invisible to unauthorized scanning until a valid authorization packet arrives, reconnaissance becomes harder and automated targeting becomes less efficient. This is not a substitute for authentication or segmentation, but it does reduce the number of ways an attacker can find and pressure the access surface. Practitioners should value reduced discoverability as a legitimate control objective, especially in machine-speed threat environments.

Zero Trust fails when the path contradicts the policy. Zero Trust is not only about who gets access, but about where the access system lives and how much of it is exposed to the internet. A direct-routed model keeps enforcement inside the customer boundary and better aligns architecture with mission ownership. The implication is that access governance, resilience, and operational control should be assessed together, not as separate buying criteria.

Cloud-routed access can obscure operational accountability. When policy enforcement and traffic brokering are outsourced into a shared service, incident handling, uptime expectations, and change control all become partially dependent on the broker operator. Federal teams should view this as an accountability issue as much as a security issue. Practitioners should prefer architectures where they can see, own, and constrain the enforcement boundary.

From our research:

  • 72% of organisations have experienced or suspect they have experienced a breach of non-human identities, according to the 2024 ESG Report: Managing Non-Human Identities.
  • Two-thirds of enterprises have endured a successful cyberattack resulting from compromised non-human identities, with a quarter encountering multiple attacks, according to Oasis Security & ESG.
  • For a broader view of how machine and service identity exposure accumulates, read 52 NHI Breaches Analysis and compare the governance failures across real incidents.

What this signals

Cloud-routed access is becoming a governance selection, not a default architecture. As access planes absorb more identity logic, teams should assess whether broker reachability increases the number of systems they must trust before policy can be applied. The real programme question is not whether access is zero trust in name, but whether the enforcement boundary is still under direct operational control.

Identity blast radius is the useful concept here. The more customers share a public enforcement service, the more a single defect can spread across unrelated environments. That should push security leaders to map where identity decisions are made, where enforcement lives, and how much of the attack surface is visible to external reconnaissance.

Federal and highly regulated teams should expect stronger scrutiny of remote access architectures that depend on shared brokers. The operational signal to watch is simple: if a remote access layer cannot be hidden, isolated, or directly governed, it is likely expanding the organisation's exposure budget instead of shrinking it.


For practitioners

  • Map your exposed access plane Inventory every externally reachable ZTNA and SASE enforcement point, including brokers, gateways, and control endpoints. Classify which ones are shared tenancy dependencies and which remain inside your customer boundary. Suggested anchor phrase: exposed access plane.
  • Separate enforcement from shared reachability For high-value environments, test whether direct-routed access can keep policy enforcement local while avoiding a publicly reachable broker. Prioritise resources where a cloud front door would create unnecessary shared blast radius. Suggested anchor phrase: shared blast radius.
  • Use cloaking as an exposure control Where the architecture supports it, require hidden or low-discoverability gateways for sensitive segments so scanners cannot enumerate access points before authorization. Pair that with logging on authorization attempts and denied discovery traffic. Suggested anchor phrase: hidden or low-discoverability gateways.
  • Validate segmentation at the resource edge Confirm that microsegmentation and identity-aware policy are enforced close to the application or workload, not just at the network front door. Segment-of-one design is most effective when the access path and resource boundary are aligned. Suggested anchor phrase: segment-of-one design.
  • Rehearse broker failure scenarios Run scenario tests for broker outage, authentication bypass, and remote code execution in the access layer so teams can see whether mission access still works when the shared service is unavailable or compromised. Suggested anchor phrase: broker outage.

Key takeaways

  • Cloud-routed ZTNA increases exposure because the broker itself becomes a shared, reachable target.
  • Direct-routed enforcement with cloaking reduces discoverability and contains the blast radius of access-layer failures.
  • Teams should judge access architecture by where enforcement lives, how visible it is, and who truly owns the failure domain.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

NIST Zero Trust (SP 800-207), NIST CSF 2.0 and NIST SP 800-53 Rev 5 set the governance and control requirements practitioners need to meet.

FrameworkControl / ReferenceRelevance
NIST Zero Trust (SP 800-207)The article is fundamentally about zero trust access architecture and exposure boundaries.
NIST CSF 2.0PR.AC-4The piece focuses on how access permissions are enforced and constrained.
NIST SP 800-53 Rev 5AC-6Least privilege and controlled access are central to the article's access model discussion.

Evaluate whether your access path aligns with zero trust principles and does not expose a shared public broker.


Key terms

  • Cloud-Routed ZTNA: A ZTNA model that sends access traffic through a vendor-operated cloud broker before enforcement. It can simplify deployment, but it also creates a shared, publicly reachable dependency that broadens the attack surface and can increase blast radius if the broker is compromised or unavailable.
  • Direct-Routed Access: An access architecture where traffic is enforced inside the customer boundary instead of being backhauled through a shared cloud broker. The value is tighter operational control, lower external exposure, and a clearer trust boundary for high-sensitivity or regulated environments.
  • Single Packet Authorization: A cloaking technique that keeps a gateway effectively invisible until it receives a correctly formed authorization packet. In identity and access terms, it reduces discoverability before authentication, which can limit automated scanning and opportunistic targeting of access infrastructure.

What's in the full article

Appgate's full analysis covers the operational detail this post intentionally leaves for the source:

  • Architecture comparisons between cloud-routed and direct-routed ZTNA deployment patterns.
  • Vendor-stated federal proof points, certifications, and deployment contexts for mission environments.
  • How Single Packet Authorization is used to keep gateways invisible until a valid packet is presented.
  • The specific operational trade-offs Appgate highlights for low-latency access, tactical edge, and DDIL conditions.

👉 Appgate's full post covers the architecture details, federal use cases, and control-plane trade-offs.

Deepen your knowledge

NHI governance, agentic AI identity, and machine identity lifecycle are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or NHI governance in your organisation, it is worth exploring.
NHIMG Editorial Note
Published by the NHIMG editorial team on 2026-06-03.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org