What this pilot is for
This pilot is for organisations that want more granular access to internal apps without opening broad VPN tunnels or committing immediately to a wider access programme. Aimed at validating Zero Trust Network Access for one application or a small user group so the client can test policy-based access, user experience, and rollback before broader access transformation.
What you get
- Discovery workshop for the target application, users, flows, and success criteria
- Connection of the chosen identity provider to the scoped ZTNA policy path for the pilot scope
- Publication of one internal app or limited access path with baseline policies and validation evidence
- Close-out summary with findings, constraints, and phased next-step recommendations
Typical outcomes
- A practical proof point for per-app or cohort-based access control
- Clearer evidence on user experience, policy fit, and rollback readiness
- A safer basis for planning broader access modernisation
Typical pilot scope
A focused ZTNA pilot for one application or one agreed user group. Final scope, assumptions, exclusions, validation contacts, and rollout boundaries are confirmed through intake and the SoW.
Best fit
- Organisations wanting more granular access to internal apps than a broad VPN model provides
- Teams looking for a low-risk first step into application-level access control
- Environments able to provide a defined target application or small user cohort with named validation contacts
Prerequisites
- Administrative access to the chosen identity provider and ZTNA platform or trial
- A defined target application or pilot cohort with named owner and validation contacts
- Connector / egress prerequisites, change window, and rollback expectations agreed before work begins
Assumptions and boundaries
- The pilot is limited to one application or one agreed user group only
- This pilot does not include organisation-wide VPN replacement, full SASE rollout, or broad BYOD policy work
- The final engagement detail, assumptions, exclusions, and validation boundaries are confirmed in the SoW before work begins
Common risks we look for
- Legacy authentication or app-specific quirks complicating access flow
- Connector or egress constraints preventing stable pilot validation
- User friction being higher than expected for the initial cohort
- The pilot being treated as a full access-modernisation programme without formal re-scope
What happens after the pilot
If the pilot confirms the right direction, Virtus can help you plan the next applications or cohorts, policy patterns, and the next appropriate managed or project path.
Roll into managed → Network Security Management
Start pilot scoping
Use the intake form to tell us about your current environment, priorities, and the outcome you want to achieve. If the scope looks suitable, we will confirm the next step and send the SoW for approval.
Start pilot scoping
