Tuesday 17 March 2020

Understanding Zero Trust Network Security

Zero trust networking is a simple concept: Don’t ever assume a device is safe.

The traditional network security approach is securing the perimeter and trusting all activity that has passed the checkpoint. This could be likened to a moat that surrounds the castle. Everything outside the castle is potentially dangerous. But once you’re inside the castle, things are safe.

The problem with this traditional approach is that there are too many opportunities for trojan horses and other security breaches beyond the network perimeter. The castle is never fully secure, even when you’re inside. That’s the idea behind zero-trust networking.

What this means in practice is that nothing is trusted. Every device and data stream is authenticated and monitored in real time. Zero trust advocates focus on achieving this by segmenting the network into a series of ongoing moats and building security into all parts of the network fabric, including strictly enforcing access controls on a need-to-know basis.

For the most part, zero-trust network security does a good job of defending against infiltration. But it isn’t easy.

“Unlike other security tactics implemented over the last couple of decades, it actually works,” notes Jay Barbour, director of security product management for the software-defined network security firm, Masergy. “It’s not easy, but as organizations work to address security issues, it’s the best approach. It will ultimately better safeguard businesses for the future.”
