Use case 1:
ZTNA makes accessing enterprise applications like firewalls, and app servers easier.
Instead of having to login via VPNs, sysadmins with the right level of authorization can directly access these resources after verifying their identity through a suitable multi-factor authentication process.
This makes access to these assets more secure, by reducing the attack surface and the risk of credential-based attacks. It also speeds up the process--VPNs sometimes impact connection speed, and require multiple logins if the connection fails.
Use case 2:
If your organization frequently has visitors or third-parties visiting the office and accessing networks, ZTNA can help ensure your assets are kept safe from unauthorized access.
Guest users will be granted basic access to your network. This will allow them to connect to your corporate internet, with the least privileges, to carry out their work.
Meanwhile, the tools implemented as part of your ZTNA will ensure that only the assets and users with suitable authorization can access your organization's resources.
Use case 3:
In the event of an organization device being infected by malware, you need to isolate that device ASAP to prevent damage and data leakage.
In a typical security set up, these tasks would need to be done manually after an alert is raised. However, if you've implemented all the pillars of a ZTNA, this could be done automatically by your security tools.
The moment your device monitoring or security tool detects an infection, it lowers the "trust score" of the infected asset (or raises an alert to the session management tool). This terminates the device's access automatically.