Welcome to Part 2 of Network Security Models. The core Zero Trust principles that define the operational objectives of a Zero Trust implementation include, first, ensuring that all resources are accessed securely regardless of location. This suggests not only the need for multiple trust boundaries but also increased use of secure access for communication to and from resources, even when sessions are confined to the internal network. It also means ensuring that only devices with the correct status and settings, that have an approved VPN client and proper passcodes, and that are not running malware are allowed to access the network. Second, adopting a least privilege strategy and strictly enforcing access control. The goal is to absolutely minimize allowed access to resources as a means to reduce the pathways available for malware and attackers to gain unauthorized access and subsequently to spread laterally and/or exfiltrate sensitive data. Third, inspecting and logging all traffic. This reiterates the need to always verify, while also making it clear that adequate protection requires more than just strict enforcement of access control. Close and continuous attention must also be paid to exactly what is happening in allowed applications. The only way to do this is to inspect the content for threats.

The main components of the Zero Trust conceptual architecture include, first, the Zero Trust segmentation platform, referred to as a network segmentation gateway by Forrester Research. The Zero Trust segmentation platform is the component used to define internal trust boundaries. In other words, it is what provides the majority of the security functionality needed to deliver on the Zero Trust operational objectives, including the ability to enable secure network access, to control traffic flow to and from resources in a granular way, and to continuously monitor allowed sessions for any threat activity. The second is trust zones, referred to as a microcore and perimeter, or MCAP, by Forrester Research.
A trust zone is a distinct pocket of infrastructure where the member resources not only operate at the same trust level but also share similar functionality. Sharing functionality, such as protocols and types of transactions, is imperative because this is what is needed to actually minimize the number of allowed pathways into and out of a given zone and, in turn, minimize the potential for malicious insiders and other types of threats to gain unauthorized access to sensitive resources. Examples of trust zones include the user or campus zone, a wireless zone for guest access, a cardholder data zone, database and application zones for multi-tier services, and a zone for public-facing web applications. It is important to note, too, that a trust zone is not intended to be a pocket of trust where systems, and therefore threats, within the zone are able to communicate freely and directly with each other. For a full Zero Trust implementation, the network would be configured to ensure that all communications traffic, including traffic between devices in the same zone, is intermediated by the corresponding Zero Trust segmentation platform.

Third, a management infrastructure. Centralized management capabilities are crucial to enabling efficient administration and ongoing monitoring, particularly for implementations involving multiple distributed Zero Trust segmentation platforms. In addition, a data acquisition network provides a convenient way to supplement the native monitoring and analysis capabilities of a Zero Trust segmentation platform. By forwarding all session logs to the data acquisition network, this data can then be processed by any number of out-of-band analysis tools and technologies intended, for example, to further enhance network visibility, detect unknown threats, or support compliance reporting. The heart of any Zero Trust network security architecture is the Zero Trust segmentation platform, so choosing the right solution is imperative.
The key criteria and capabilities for IT security managers and architects to consider when selecting a Zero Trust segmentation platform include the following. Secure access: consistent, secure IPsec and SSL VPN connectivity is provided for all employees, partners, customers, and guests wherever they are located, for example at remote or branch offices, on the local network, or over the Internet. Policies to determine which users and devices can access sensitive applications and data can be defined based on the application, user, content, device, and device state. Inspection of all traffic: application identification accurately identifies and classifies all traffic, regardless of ports and protocols and of evasive tactics such as port hopping or encryption. This eliminates methods malware may use to hide from detection and provides complete context on the application, its associated content, and threats. Least privilege access control: the combination of application, user, and content identification delivers a positive control model that allows organizations to control interactions with resources based on an extensive range of business-relevant attributes, including the specific application and individual functions being used, user and group identity, and the specific types or pieces of data being accessed, such as credit card or Social Security numbers. The result is truly granular access control that safely enables the right applications for the right sets of users while automatically preventing unwanted, unauthorized, and potentially harmful traffic from gaining access to the network. Cyber threat protection: a combination of anti-malware, intrusion prevention, and cyber threat prevention technologies provides comprehensive protection against both known and unknown threats, including threats on mobile devices.
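The following is an added illustration, not code from the course or from any vendor, of how the trust-zone and positive-control ideas above fit together in a segmentation platform's policy decision: device state is checked first, a session is allowed only if an explicit rule covers its zone pair, user group, application and content, everything else (including intra-zone traffic with no rule) is denied, and every decision is logged for a data acquisition network. The zone names, rule fields and sample sessions are constructed assumptions.

```python
"""Toy Zero Trust segmentation-platform policy check (added illustration,
not the course's or any vendor's code). Zone names, rule fields and the
constructed sessions are assumptions mirroring the transcript: device-state
checks, an allow-list over zone/user/application/content, default deny."""
from dataclasses import dataclass

@dataclass(frozen=True)
class Device:
    has_vpn_client: bool
    passcode_ok: bool
    malware_free: bool
    def compliant(self) -> bool:
        # All three device-state conditions named in the transcript must hold.
        return self.has_vpn_client and self.passcode_ok and self.malware_free

@dataclass(frozen=True)
class Session:
    src_zone: str
    dst_zone: str
    user_group: str
    application: str
    device: Device
    content_tags: frozenset = frozenset()  # data types found by content inspection

@dataclass(frozen=True)
class Rule:  # one positive-control rule; a session matching no rule is denied
    src_zone: str
    dst_zone: str
    user_group: str
    application: str
    blocked_content: frozenset = frozenset()

RULES = [  # constructed boundaries between zones the transcript names
    Rule("campus", "app-tier", "employees", "crm-web", frozenset({"SSN", "PAN"})),
    Rule("app-tier", "database", "svc-crm", "sql"),
]
DECISION_LOG: list = []  # one line per session, for out-of-band analysis tools

def decide(s: Session) -> str:
    """Return 'allow' or 'deny'; intra-zone sessions are evaluated too."""
    verdict = "deny"
    if s.device.compliant():
        for r in RULES:
            same_path = (r.src_zone, r.dst_zone, r.user_group, r.application) == (
                s.src_zone, s.dst_zone, s.user_group, s.application)
            if same_path and not (r.blocked_content & s.content_tags):
                verdict = "allow"
                break
    DECISION_LOG.append(f"{s.src_zone}->{s.dst_zone} {s.user_group} {s.application} {verdict}")
    return verdict
```

A session from the campus zone to the CRM application is allowed for a compliant device, but the same session is denied when inspection tags its content with a Social Security number, when the device fails a posture check, or when no rule covers the path, and each outcome lands in the log.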
In addition, support for a closed-loop, highly integrated defense ensures that inline enforcement devices and other components in the threat protection framework are automatically updated. Coverage for all security domains: virtual and hardware appliances enable trust boundaries to be established consistently and cost-effectively throughout an organization's entire network, including in remote branch offices, for mobile users, at the Internet perimeter, in the cloud, at ingress points throughout the data center, or for individual areas wherever they might exist.

Moving forward with the Zero Trust network security model doesn't require a major overhaul of an organization's network and security infrastructure. A Zero Trust design architecture can be implemented in a way that requires only incremental modifications to the existing network and is completely transparent to your users. Advantages of such a flexible, non-disruptive deployment approach include minimizing the potential impact on operations and being able to spread the required investment and work effort over time. To get started, a Zero Trust segmentation platform can be configured in listen-only mode to obtain a detailed picture of traffic flows throughout the network, including where, when, and to what extent specific users are using specific applications and data resources. Armed with a detailed understanding of the network traffic flows in the environment, the next step is to define trust zones and incrementally establish corresponding trust boundaries based on the relative risk and/or sensitivity of the data involved. To do this, devices are deployed in appropriate locations to establish internal trust boundaries for the defined trust zones. Then the appropriate enforcement and inspection policies are configured to effectively put each trust boundary online. From there, trust zones and boundaries can be progressively established for other segments of the computing environment based on the relative degree of risk.
For example: IT management systems and networks, where administrators often hold the proverbial keys to the kingdom and a successful breach could lead to compromise of the entire network; partner resources and connections (business-to-business, or B2B); high-profile customer-facing resources and connections (business-to-consumer, or B2C); branch offices in risky countries or regions, followed by all other branch offices; guest access networks, both wireless and wired; and campus networks. Finally, Zero Trust principles and concepts need to be implemented at major access points to the Internet. Replacing or augmenting legacy network security devices with a Zero Trust segmentation platform will be necessary in this development stage in order to gain all of the requisite capabilities and benefits of the Zero Trust security model.