Some applications are not compatible with ZTNA by design

Article ID: 430219


Products

Symantec ZTNA

Issue/Introduction

From time to time we see customer issues with applications that are configured for ZTNA in some form, where the root cause is an application design that renders the application unusable over ZTNA.

Environment

Broadcom ZTNA and some on-premise custom or off-the-shelf applications accessed via WSS Agent and Segment applications.

Cause

A legacy application designed to work on a LAN can become extremely slow when accessed via ZTNA. In the specific case we encountered, the application was a Win32 SQL client making calls to a remote SQL server on the LAN.

The customer provided packet captures (PCAP), and we could see that the application was making hundreds of SQL calls during its startup phase.

While each of those calls returned a response within a few milliseconds on the LAN, the added latency of accessing the application over the Internet (between 15 and 20 ms) turned the LAN load time of 5~7 seconds into 50~70 seconds. This gave the user the impression that the application was not working; it was working, but with 5~15x the latency.
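To assess an application before publishing it over ZTNA, the following added example (not Broadcom code) counts the serial round trips in one client/server flow and projects the load time once each round trip pays extra latency. It assumes the capture has been exported as CSV rows of relative timestamp and source IP containing only payload-bearing packets; the addresses, call count and timings are constructed sample values.

```python
import csv
import io

def constructed_capture(calls=300, server_ms=2, think_ms=1):
    """Constructed sample: `calls` serial query/response pairs on a LAN."""
    lines = []
    for i in range(calls):
        start = i * (server_ms + think_ms)
        lines.append(f"{start / 1000:.6f},10.0.0.5")                 # client query
        lines.append(f"{(start + server_ms) / 1000:.6f},10.0.0.20")  # server reply
    return "\n".join(lines)

def project_load_time(csv_text, client_ip, added_rtt_ms):
    """Count dependent round trips in one flow and project the load time
    when every round trip pays `added_rtt_ms` of extra latency."""
    round_trips, last_src, first_ts, last_ts = 0, None, None, None
    for ts, src in csv.reader(io.StringIO(csv_text)):
        ts = float(ts)
        first_ts = ts if first_ts is None else first_ts
        last_ts = ts
        # A client packet that follows a server packet (or opens the flow)
        # starts a new round trip; a multi-packet request counts once.
        if src == client_ip and last_src != client_ip:
            round_trips += 1
        last_src = src
    if first_ts is None:
        raise ValueError("capture contains no packets")
    lan_seconds = last_ts - first_ts
    projected = lan_seconds + round_trips * added_rtt_ms / 1000
    return {
        "round_trips": round_trips,
        "lan_seconds": lan_seconds,
        "projected_seconds": projected,
        # Slowdown is undefined for a single-packet capture.
        "slowdown": projected / lan_seconds if lan_seconds else None,
    }

if __name__ == "__main__":
    capture = constructed_capture()
    for rtt_ms in (15, 20):  # added latency range reported in this article
        r = project_load_time(capture, "10.0.0.5", rtt_ms)
        print(f"+{rtt_ms} ms: {r['round_trips']} round trips, "
              f"{r['lan_seconds']:.2f}s on LAN -> {r['projected_seconds']:.2f}s "
              f"({r['slowdown']:.1f}x)")
```

The projection is a lower bound for strictly serial protocols: it ignores retransmissions and any bandwidth limits on the tunnel.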

Resolution

A later version of the application is available with a web front end that is compatible with ZTNA.

In the meantime, the SQL application could not be used, because of the application design rather than any problem with ZTNA itself.