While ZTNA offers clear security advantages, the primary downsides are often related to complexity and implementation overhead. Implementing a true Zero Trust model requires a significant shift from simple network-based access to detailed, application-specific, and identity-based policies.

This can result in a steep learning curve and complex policy configuration and management. 

Depending on the vendor, ZTNA solutions that rely on endpoint agents may also introduce occasional performance or stability issues on user devices, and the initial migration effort from legacy systems can be substantial and require specialized expertise.