I think you should stay with one vendor instead of miixing two vendor. Both Cisco and Fortinet provide solutions that align with these principles, albeit through different products and integrations. Cisco's SSE offering is part of its broader Secure Access Service Edge (SASE) framework, which integrates networking and security functions in the cloud. Cisco Umbrella, Cisco Duo, Cisco Secure Access by Duo, Cisco Anyconnect.

Fortinet's FortiGate firewalls offer a wide range of security features that support ZTNA and ZTA, including, FortiOS, FortiAuthenticator, FortiClient, FortiGate ZTNA.

Achieving ZTNA and ZTA involves integrating these components to enforce security policies that verify every access request based on user identity and device health, regardless of where the request originates. it's possible to achieve ZTNA and ZTA use cases with Cisco SSE and FortiGate firewall, but it's a complex integration.

Before diving into the integration, let's clarify the terms:

ZTNA (Zero Trust Network Access): A security architecture where access to applications and resources is granted on a per-user, per-device, and application basis, with continuous verification of trust.
ZTA (Zero Trust Architecture): A broader security framework that extends beyond network access, encompassing all aspects of IT infrastructure and operations.

Role of Cisco SSE and FortiGateCisco SSE (Secure Access Service Edge): A cloud-based service that provides secure and remote access to applications and data. It typically includes features like ZTNA, SWG, CASB, and more.
FortiGate Firewall: A traditional network security appliance that protects networks from external threats. It offers features like firewall, VPN, IPS, and more.

To achieve a comprehensive ZTNA and ZTA solution,

you'll likely need to integrate Cisco SSE and FortiGate:

ZTNA:
Cisco SSE provides the core ZTNA functionality, including user authentication, authorization, and access control.
FortiGate can be used for additional security measures like IPS, WAF, and threat intelligence sharing with SSE.

ZTA:
Cisco SSE can enforce zero trust principles for application access.
FortiGate can contribute to overall zero trust by securing network segments and endpoints.

Integration Challenges

While it's technically possible to integrate Cisco SSE and FortiGate, it requires careful planning and configuration:

Complex integration: Integrating two different security platforms can be challenging and time-consuming.
Overlapping functionalities: Both products offer some overlapping features, which can lead to redundancy or conflicts.
Management complexity: Managing two separate security infrastructures can be complex.

Alternative Approaches

Depending on your specific requirements, you might consider alternative approaches:

Fully relying on Cisco SSE: If your primary focus is user and application access, Cisco SSE might be sufficient on its own.
Using a single vendor platform: Some vendors offer comprehensive security platforms that include both ZTNA and network security capabilities.

In conclusion, while it's possible to achieve ZTNA and ZTA with Cisco SSE and FortiGate, it's essential to carefully evaluate your specific needs and consider the complexity of the integration.