{"id":37,"date":"2025-06-25T09:23:33","date_gmt":"2025-06-25T09:23:33","guid":{"rendered":"https:\/\/tham098.thamtuuytin.org\/?p=37"},"modified":"2025-06-25T09:23:33","modified_gmt":"2025-06-25T09:23:33","slug":"zero-trust-network-access-ztna-the-future-of-secure-remote-access-2","status":"publish","type":"post","link":"https:\/\/tham098.thamtuuytin.org\/?p=37","title":{"rendered":"Zero Trust Network Access (ZTNA): The Future of Secure Remote Access"},"content":{"rendered":"<p data-start=\"354\" data-end=\"516\">As organizations continue to adopt remote work, cloud services, and hybrid IT infrastructure, the traditional perimeter-based security model is becoming obsolete.<\/p>\n<p data-start=\"518\" data-end=\"693\">Employees are no longer working behind firewalls. Applications are no longer hosted in just one data center. And users, devices, and networks can no longer be blindly trusted.<\/p>\n<p data-start=\"695\" data-end=\"805\">That\u2019s why <strong data-start=\"706\" data-end=\"742\">Zero Trust Network Access (ZTNA)<\/strong> is becoming the gold standard for secure connectivity in 2025.<\/p>\n<hr data-start=\"807\" data-end=\"810\" \/>\n<h2 data-start=\"812\" data-end=\"828\">What Is ZTNA?<\/h2>\n<p data-start=\"830\" data-end=\"1016\"><strong data-start=\"830\" data-end=\"866\">Zero Trust Network Access (ZTNA)<\/strong> is a security framework that provides <strong data-start=\"905\" data-end=\"967\">secure, identity-based access to applications and services<\/strong>, without ever placing the user \u201con the network.\u201d<\/p>\n<p data-start=\"1018\" data-end=\"1270\">ZTNA follows the principle of <strong data-start=\"1048\" data-end=\"1081\">\u201cnever trust, always verify.\u201d<\/strong> Unlike traditional VPNs, which grant broad access to internal networks, ZTNA grants <strong data-start=\"1166\" data-end=\"1198\">granular, per-session access<\/strong> to specific resources \u2014 based on identity, device posture, and context.<\/p>\n<hr data-start=\"1272\" data-end=\"1275\" \/>\n<h2 data-start=\"1277\" data-end=\"1326\">Why Organizations Are Replacing VPNs with ZTNA<\/h2>\n<ul data-start=\"1328\" data-end=\"1698\">\n<li data-start=\"1328\" data-end=\"1396\">\n<p data-start=\"1330\" data-end=\"1396\"><strong data-start=\"1330\" data-end=\"1360\">VPNs are overly permissive<\/strong>, increasing lateral movement risk<\/p>\n<\/li>\n<li data-start=\"1397\" data-end=\"1480\">\n<p data-start=\"1399\" data-end=\"1480\"><strong data-start=\"1399\" data-end=\"1430\">ZTNA reduces attack surface<\/strong> by hiding applications from the public internet<\/p>\n<\/li>\n<li data-start=\"1481\" data-end=\"1557\">\n<p data-start=\"1483\" data-end=\"1557\"><strong data-start=\"1483\" data-end=\"1509\">Better user experience<\/strong> with lower latency and simpler authentication<\/p>\n<\/li>\n<li data-start=\"1558\" data-end=\"1614\">\n<p data-start=\"1560\" data-end=\"1614\"><strong data-start=\"1560\" data-end=\"1577\">Scales better<\/strong> with cloud, SaaS, and BYOD devices<\/p>\n<\/li>\n<li data-start=\"1615\" data-end=\"1698\">\n<p data-start=\"1617\" data-end=\"1698\"><strong data-start=\"1617\" data-end=\"1661\">Aligns with Zero Trust security mandates<\/strong> from frameworks like NIST SP 800-207<\/p>\n<\/li>\n<\/ul>\n<p data-start=\"1700\" data-end=\"1815\">ZTNA ensures <strong data-start=\"1713\" data-end=\"1757\">only verified users on compliant devices<\/strong> can access what they\u2019re authorized to \u2014 no more, no less.<\/p>\n<hr data-start=\"1817\" data-end=\"1820\" \/>\n<h2 data-start=\"1822\" data-end=\"1839\">How ZTNA Works<\/h2>\n<ol data-start=\"1841\" data-end=\"2238\">\n<li data-start=\"1841\" data-end=\"1880\">\n<p data-start=\"1844\" data-end=\"1880\"><strong data-start=\"1844\" data-end=\"1878\">User requests access to an app<\/strong><\/p>\n<\/li>\n<li data-start=\"1881\" data-end=\"2059\">\n<p data-start=\"1884\" data-end=\"1936\"><strong data-start=\"1884\" data-end=\"1934\">ZTNA controller validates identity and context<\/strong><\/p>\n<ul data-start=\"1940\" data-end=\"2059\">\n<li data-start=\"1940\" data-end=\"1972\">\n<p data-start=\"1942\" data-end=\"1972\">User identity (via SSO, MFA)<\/p>\n<\/li>\n<li data-start=\"1976\" data-end=\"2030\">\n<p data-start=\"1978\" data-end=\"2030\">Device posture (antivirus, OS version, encryption)<\/p>\n<\/li>\n<li data-start=\"2034\" data-end=\"2059\">\n<p data-start=\"2036\" data-end=\"2059\">Location and risk level<\/p>\n<\/li>\n<\/ul>\n<\/li>\n<li data-start=\"2060\" data-end=\"2238\">\n<p data-start=\"2063\" data-end=\"2117\"><strong data-start=\"2063\" data-end=\"2115\">If approved, access is granted via secure tunnel<\/strong><\/p>\n<ul data-start=\"2121\" data-end=\"2238\">\n<li data-start=\"2121\" data-end=\"2189\">\n<p data-start=\"2123\" data-end=\"2189\">User connects only to the authorized app, not the entire network<\/p>\n<\/li>\n<li data-start=\"2193\" data-end=\"2238\">\n<p data-start=\"2195\" data-end=\"2238\">App remains invisible to unauthorized users<\/p>\n<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n<p data-start=\"2240\" data-end=\"2330\">This creates a <strong data-start=\"2255\" data-end=\"2273\">microperimeter<\/strong> around each application \u2014 drastically reducing exposure.<\/p>\n<hr data-start=\"2332\" data-end=\"2335\" \/>\n<h2 data-start=\"2337\" data-end=\"2364\">Key Capabilities of ZTNA<\/h2>\n<ul data-start=\"2366\" data-end=\"2760\">\n<li data-start=\"2366\" data-end=\"2432\">\n<p data-start=\"2368\" data-end=\"2432\"><strong data-start=\"2368\" data-end=\"2396\">Application segmentation<\/strong>: Only grant access to needed apps<\/p>\n<\/li>\n<li data-start=\"2433\" data-end=\"2497\">\n<p data-start=\"2435\" data-end=\"2497\"><strong data-start=\"2435\" data-end=\"2462\">Device posture checking<\/strong>: Block outdated or risky devices<\/p>\n<\/li>\n<li data-start=\"2498\" data-end=\"2565\">\n<p data-start=\"2500\" data-end=\"2565\"><strong data-start=\"2500\" data-end=\"2527\">Adaptive access control<\/strong>: Context-aware enforcement policies<\/p>\n<\/li>\n<li data-start=\"2566\" data-end=\"2629\">\n<p data-start=\"2568\" data-end=\"2629\"><strong data-start=\"2568\" data-end=\"2589\">Encrypted tunnels<\/strong>: Protect traffic between user and app<\/p>\n<\/li>\n<li data-start=\"2630\" data-end=\"2691\">\n<p data-start=\"2632\" data-end=\"2691\"><strong data-start=\"2632\" data-end=\"2660\">User and session logging<\/strong>: For compliance and auditing<\/p>\n<\/li>\n<li data-start=\"2692\" data-end=\"2760\">\n<p data-start=\"2694\" data-end=\"2760\"><strong data-start=\"2694\" data-end=\"2733\">Integration with identity platforms<\/strong>: Leverage existing SSO\/MFA<\/p>\n<\/li>\n<\/ul>\n<hr data-start=\"2762\" data-end=\"2765\" \/>\n<h2 data-start=\"2767\" data-end=\"2801\">ZTNA vs VPN: A Quick Comparison<\/h2>\n<div class=\"_tableContainer_16hzy_1\">\n<div class=\"_tableWrapper_16hzy_14 group flex w-fit flex-col-reverse\" tabindex=\"-1\">\n<table class=\"w-fit min-w-(--thread-content-width)\" data-start=\"2803\" data-end=\"3452\">\n<thead data-start=\"2803\" data-end=\"2894\">\n<tr data-start=\"2803\" data-end=\"2894\">\n<th data-start=\"2803\" data-end=\"2830\" data-col-size=\"sm\">Feature<\/th>\n<th data-start=\"2830\" data-end=\"2858\" data-col-size=\"sm\">Traditional VPN<\/th>\n<th data-start=\"2858\" data-end=\"2894\" data-col-size=\"sm\">Zero Trust Network Access (ZTNA)<\/th>\n<\/tr>\n<\/thead>\n<tbody data-start=\"2988\" data-end=\"3452\">\n<tr data-start=\"2988\" data-end=\"3080\">\n<td data-start=\"2988\" data-end=\"3015\" data-col-size=\"sm\">Access model<\/td>\n<td data-start=\"3015\" data-end=\"3043\" data-col-size=\"sm\">Full network access<\/td>\n<td data-start=\"3043\" data-end=\"3080\" data-col-size=\"sm\">App-specific access<\/td>\n<\/tr>\n<tr data-start=\"3081\" data-end=\"3173\">\n<td data-start=\"3081\" data-end=\"3108\" data-col-size=\"sm\">Exposure risk<\/td>\n<td data-start=\"3108\" data-end=\"3136\" data-col-size=\"sm\">High<\/td>\n<td data-start=\"3136\" data-end=\"3173\" data-col-size=\"sm\">Low (apps hidden by default)<\/td>\n<\/tr>\n<tr data-start=\"3174\" data-end=\"3266\">\n<td data-start=\"3174\" data-end=\"3201\" data-col-size=\"sm\">Identity awareness<\/td>\n<td data-start=\"3201\" data-end=\"3229\" data-col-size=\"sm\">Minimal<\/td>\n<td data-start=\"3229\" data-end=\"3266\" data-col-size=\"sm\">Strong (SSO + device posture)<\/td>\n<\/tr>\n<tr data-start=\"3267\" data-end=\"3359\">\n<td data-start=\"3267\" data-end=\"3294\" data-col-size=\"sm\">Performance<\/td>\n<td data-start=\"3294\" data-end=\"3322\" data-col-size=\"sm\">Often slow via backhaul<\/td>\n<td data-start=\"3322\" data-end=\"3359\" data-col-size=\"sm\">Faster with direct access<\/td>\n<\/tr>\n<tr data-start=\"3360\" data-end=\"3452\">\n<td data-start=\"3360\" data-end=\"3387\" data-col-size=\"sm\">Scalability<\/td>\n<td data-start=\"3387\" data-end=\"3415\" data-col-size=\"sm\">Limited<\/td>\n<td data-start=\"3415\" data-end=\"3452\" data-col-size=\"sm\">Built for cloud and remote work<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<div class=\"sticky end-(--thread-content-margin) h-0 self-end select-none\">\n<div class=\"absolute end-0 flex items-end\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<p data-start=\"3454\" data-end=\"3531\">ZTNA is not just more secure \u2014 it also delivers a <strong data-start=\"3504\" data-end=\"3530\">better user experience<\/strong>.<\/p>\n<hr data-start=\"3533\" data-end=\"3536\" \/>\n<h2 data-start=\"3538\" data-end=\"3571\">Leading ZTNA Providers in 2025<\/h2>\n<h3 data-start=\"3573\" data-end=\"3614\">1. <strong data-start=\"3580\" data-end=\"3612\">Zscaler ZPA (Private Access)<\/strong><\/h3>\n<p data-start=\"3615\" data-end=\"3673\">A cloud-native ZTNA platform trusted by Fortune 500 firms.<\/p>\n<ul data-start=\"3675\" data-end=\"3812\">\n<li data-start=\"3675\" data-end=\"3703\">\n<p data-start=\"3677\" data-end=\"3703\">Agent-based or agentless<\/p>\n<\/li>\n<li data-start=\"3704\" data-end=\"3741\">\n<p data-start=\"3706\" data-end=\"3741\">Least-privilege access by default<\/p>\n<\/li>\n<li data-start=\"3742\" data-end=\"3776\">\n<p data-start=\"3744\" data-end=\"3776\">Integrated with SSE and SD-WAN<\/p>\n<\/li>\n<li data-start=\"3777\" data-end=\"3812\">\n<p data-start=\"3779\" data-end=\"3812\">Microsegmentation + app discovery<\/p>\n<\/li>\n<\/ul>\n<hr data-start=\"3814\" data-end=\"3817\" \/>\n<h3 data-start=\"3819\" data-end=\"3857\">2. <strong data-start=\"3826\" data-end=\"3855\">Cisco Duo + Secure Access<\/strong><\/h3>\n<p data-start=\"3858\" data-end=\"3913\">Cisco\u2019s Zero Trust stack built on identity and posture.<\/p>\n<ul data-start=\"3915\" data-end=\"4085\">\n<li data-start=\"3915\" data-end=\"3951\">\n<p data-start=\"3917\" data-end=\"3951\">Context-aware access enforcement<\/p>\n<\/li>\n<li data-start=\"3952\" data-end=\"3996\">\n<p data-start=\"3954\" data-end=\"3996\">Policy-based controls per user or device<\/p>\n<\/li>\n<li data-start=\"3997\" data-end=\"4050\">\n<p data-start=\"3999\" data-end=\"4050\">Integration with Umbrella, Meraki, and AnyConnect<\/p>\n<\/li>\n<li data-start=\"4051\" data-end=\"4085\">\n<p data-start=\"4053\" data-end=\"4085\">Ideal for hybrid IT environments<\/p>\n<\/li>\n<\/ul>\n<hr data-start=\"4087\" data-end=\"4090\" \/>\n<h3 data-start=\"4092\" data-end=\"4126\">3. <strong data-start=\"4099\" data-end=\"4124\">Cloudflare Zero Trust<\/strong><\/h3>\n<p data-start=\"4127\" data-end=\"4169\">Fast and developer-friendly ZTNA solution.<\/p>\n<ul data-start=\"4171\" data-end=\"4298\">\n<li data-start=\"4171\" data-end=\"4190\">\n<p data-start=\"4173\" data-end=\"4190\">No VPN required<\/p>\n<\/li>\n<li data-start=\"4191\" data-end=\"4222\">\n<p data-start=\"4193\" data-end=\"4222\">Agentless browser isolation<\/p>\n<\/li>\n<li data-start=\"4223\" data-end=\"4261\">\n<p data-start=\"4225\" data-end=\"4261\">DNS and HTTP-based access policies<\/p>\n<\/li>\n<li data-start=\"4262\" data-end=\"4298\">\n<p data-start=\"4264\" data-end=\"4298\">GitHub, Okta, and SAML integration<\/p>\n<\/li>\n<\/ul>\n<hr data-start=\"4300\" data-end=\"4303\" \/>\n<h3 data-start=\"4305\" data-end=\"4350\">4. <strong data-start=\"4312\" data-end=\"4348\">Palo Alto Networks Prisma Access<\/strong><\/h3>\n<p data-start=\"4351\" data-end=\"4414\">A unified cloud-delivered security platform with ZTNA features.<\/p>\n<ul data-start=\"4416\" data-end=\"4544\">\n<li data-start=\"4416\" data-end=\"4454\">\n<p data-start=\"4418\" data-end=\"4454\">Integrated with SASE and firewalls<\/p>\n<\/li>\n<li data-start=\"4455\" data-end=\"4484\">\n<p data-start=\"4457\" data-end=\"4484\">Inline traffic inspection<\/p>\n<\/li>\n<li data-start=\"4485\" data-end=\"4514\">\n<p data-start=\"4487\" data-end=\"4514\">Threat protection and DLP<\/p>\n<\/li>\n<li data-start=\"4515\" data-end=\"4544\">\n<p data-start=\"4517\" data-end=\"4544\">Identity-based segmentation<\/p>\n<\/li>\n<\/ul>\n<hr data-start=\"4546\" data-end=\"4549\" \/>\n<h3 data-start=\"4551\" data-end=\"4606\">5. <strong data-start=\"4558\" data-end=\"4604\">Akamai Enterprise Application Access (EAA)<\/strong><\/h3>\n<p data-start=\"4607\" data-end=\"4667\">Focused on security and performance for global applications.<\/p>\n<ul data-start=\"4669\" data-end=\"4811\">\n<li data-start=\"4669\" data-end=\"4704\">\n<p data-start=\"4671\" data-end=\"4704\">App cloaking and authentication<\/p>\n<\/li>\n<li data-start=\"4705\" data-end=\"4727\">\n<p data-start=\"4707\" data-end=\"4727\">Fast edge delivery<\/p>\n<\/li>\n<li data-start=\"4728\" data-end=\"4765\">\n<p data-start=\"4730\" data-end=\"4765\">Application-layer DDoS protection<\/p>\n<\/li>\n<li data-start=\"4766\" data-end=\"4811\">\n<p data-start=\"4768\" data-end=\"4811\">Works with on-prem, hybrid, and multi-cloud<\/p>\n<\/li>\n<\/ul>\n<hr data-start=\"4813\" data-end=\"4816\" \/>\n<h2 data-start=\"4818\" data-end=\"4835\">ZTNA Use Cases<\/h2>\n<ul data-start=\"4837\" data-end=\"5154\">\n<li data-start=\"4837\" data-end=\"4903\">\n<p data-start=\"4839\" data-end=\"4903\"><strong data-start=\"4839\" data-end=\"4859\">Remote workforce<\/strong>: Secure access without full VPN tunneling<\/p>\n<\/li>\n<li data-start=\"4904\" data-end=\"4964\">\n<p data-start=\"4906\" data-end=\"4964\"><strong data-start=\"4906\" data-end=\"4929\">Third-party vendors<\/strong>: Controlled, time-limited access<\/p>\n<\/li>\n<li data-start=\"4965\" data-end=\"5022\">\n<p data-start=\"4967\" data-end=\"5022\"><strong data-start=\"4967\" data-end=\"4983\">M&amp;A activity<\/strong>: Rapid integration of external users<\/p>\n<\/li>\n<li data-start=\"5023\" data-end=\"5084\">\n<p data-start=\"5025\" data-end=\"5084\"><strong data-start=\"5025\" data-end=\"5046\">BYOD environments<\/strong>: Limit access based on device trust<\/p>\n<\/li>\n<li data-start=\"5085\" data-end=\"5154\">\n<p data-start=\"5087\" data-end=\"5154\"><strong data-start=\"5087\" data-end=\"5111\">Regulated industries<\/strong>: Fine-grained audit trails and access logs<\/p>\n<\/li>\n<\/ul>\n<hr data-start=\"5156\" data-end=\"5159\" \/>\n<h2 data-start=\"5161\" data-end=\"5194\">ZTNA and SASE: A Perfect Match<\/h2>\n<p data-start=\"5196\" data-end=\"5280\">ZTNA is often deployed as part of <strong data-start=\"5230\" data-end=\"5267\">Secure Access Service Edge (SASE)<\/strong> \u2014 combining:<\/p>\n<ul data-start=\"5282\" data-end=\"5454\">\n<li data-start=\"5282\" data-end=\"5310\">\n<p data-start=\"5284\" data-end=\"5310\"><strong data-start=\"5284\" data-end=\"5292\">ZTNA<\/strong>: Access control<\/p>\n<\/li>\n<li data-start=\"5311\" data-end=\"5337\">\n<p data-start=\"5313\" data-end=\"5337\"><strong data-start=\"5313\" data-end=\"5320\">SWG<\/strong>: Web filtering<\/p>\n<\/li>\n<li data-start=\"5338\" data-end=\"5370\">\n<p data-start=\"5340\" data-end=\"5370\"><strong data-start=\"5340\" data-end=\"5348\">CASB<\/strong>: Cloud app security<\/p>\n<\/li>\n<li data-start=\"5371\" data-end=\"5407\">\n<p data-start=\"5373\" data-end=\"5407\"><strong data-start=\"5373\" data-end=\"5382\">FWaaS<\/strong>: Firewall-as-a-Service<\/p>\n<\/li>\n<li data-start=\"5408\" data-end=\"5454\">\n<p data-start=\"5410\" data-end=\"5454\"><strong data-start=\"5410\" data-end=\"5420\">SD-WAN<\/strong>: Network performance optimization<\/p>\n<\/li>\n<\/ul>\n<p data-start=\"5456\" data-end=\"5529\">Together, they form a <strong data-start=\"5478\" data-end=\"5528\">unified, cloud-delivered security architecture<\/strong>.<\/p>\n<hr data-start=\"5531\" data-end=\"5534\" \/>\n<h2 data-start=\"5536\" data-end=\"5561\">Challenges to Consider<\/h2>\n<ul data-start=\"5563\" data-end=\"5831\">\n<li data-start=\"5563\" data-end=\"5618\">\n<p data-start=\"5565\" data-end=\"5618\"><strong data-start=\"5565\" data-end=\"5582\">User adoption<\/strong> if the solution is overly complex<\/p>\n<\/li>\n<li data-start=\"5619\" data-end=\"5674\">\n<p data-start=\"5621\" data-end=\"5674\"><strong data-start=\"5621\" data-end=\"5634\">Shadow IT<\/strong> and unmanaged apps bypassing controls<\/p>\n<\/li>\n<li data-start=\"5675\" data-end=\"5734\">\n<p data-start=\"5677\" data-end=\"5734\"><strong data-start=\"5677\" data-end=\"5692\">Legacy apps<\/strong> may need reverse proxy or agent support<\/p>\n<\/li>\n<li data-start=\"5735\" data-end=\"5781\">\n<p data-start=\"5737\" data-end=\"5781\"><strong data-start=\"5737\" data-end=\"5754\">Policy sprawl<\/strong> if not centrally managed<\/p>\n<\/li>\n<li data-start=\"5782\" data-end=\"5831\">\n<p data-start=\"5784\" data-end=\"5831\"><strong data-start=\"5784\" data-end=\"5808\">Integration overhead<\/strong> with IAM and EDR tools<\/p>\n<\/li>\n<\/ul>\n<p data-start=\"5833\" data-end=\"5954\">To succeed, organizations should <strong data-start=\"5866\" data-end=\"5888\">standardize policy<\/strong>, <strong data-start=\"5890\" data-end=\"5907\">prioritize UX<\/strong>, and <strong data-start=\"5913\" data-end=\"5947\">pilot with high-risk use cases<\/strong> first.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>As organizations continue to adopt remote work, cloud services, and hybrid IT infrastructure, the traditional perimeter-based security model is becoming obsolete. Employees are no longer working behind firewalls. Applications are no longer hosted in just one data center. And users,&#8230; <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[],"class_list":["post-37","post","type-post","status-publish","format-standard","hentry","category-tech"],"_links":{"self":[{"href":"https:\/\/tham098.thamtuuytin.org\/index.php?rest_route=\/wp\/v2\/posts\/37","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/tham098.thamtuuytin.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tham098.thamtuuytin.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tham098.thamtuuytin.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/tham098.thamtuuytin.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=37"}],"version-history":[{"count":1,"href":"https:\/\/tham098.thamtuuytin.org\/index.php?rest_route=\/wp\/v2\/posts\/37\/revisions"}],"predecessor-version":[{"id":38,"href":"https:\/\/tham098.thamtuuytin.org\/index.php?rest_route=\/wp\/v2\/posts\/37\/revisions\/38"}],"wp:attachment":[{"href":"https:\/\/tham098.thamtuuytin.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=37"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tham098.thamtuuytin.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=37"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tham098.thamtuuytin.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=37"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}