Understanding Zero Trust Network Security

Aug 25, 2024

Network Security and Zero Trust

Traditional Network Security

  • Many networks are open internally once traffic has passed the perimeter firewall.
  • Without internal controls, both authorized and unauthorized users can reach internal resources.

Zero Trust Networks

  • Requires authentication for each resource access.
  • Applies to devices, processes, and users.
  • Implements multi-factor authentication, encryption, additional firewalls, and policies.
  • Breaks down security devices into smaller components (functional planes).

Functional Planes of Operation

  • Data Plane:
    • Processes security tasks like forwarding, NAT, routing.
    • Operates at the level of real-time data movement.
  • Control Plane:
    • Manages data plane actions.
    • Configures policies, rules, NAT, routing.

Implementation Examples

  • Physical Devices:
    • Switch interfaces handle data movement (data plane).
    • Configuration changes happen in the control plane.
  • Virtual & Cloud Devices:
    • Similar separation of data and control planes.

Advanced Security Controls

  • Adaptive Identity:
    • Examines identity beyond user credentials.
    • Considers source location, relation to organization, physical location, connection type.
    • Uses this data to enforce stronger authentication.

Network Access Control

  • Entry Point Limitation:
    • Restricts access to specific entry points, such as on-site connections or a VPN.
  • Policy-Driven Access Control:
    • Analyzes collected data points to determine what level of authentication is required.

Security Zones

  • Security Zones Concept:
    • Categorizes connections for granular control.
    • Defines interaction rules between zones (trusted vs untrusted).
  • Implicit Trust:
    • Trusted zones may have relaxed internal communication policies.

Policy Enforcement and Decision

  • Policy Enforcement Point:
    • Acts as gatekeeper for network traffic.
    • Evaluates traffic based on policies.
  • Policy Decision Point:
    • Decides on traffic permissions based on policies.
  • Policy Administrator:
    • Communicates decisions and manages access tokens.

Zero Trust Model Workflow

  • Subjects and systems initiate communication.
  • Traffic passes through policy enforcement point.
  • Policy enforcement point consults policy administrator.
  • Policy decision is made and communicated.
  • If granted, access is allowed to the requested resource.
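The workflow above, modelled as an added example (not code from the original notes): a policy enforcement point hands each request to a policy administrator, which consults a policy decision point and returns an access token only on allow. The decision uses the adaptive-identity and security-zone ideas from earlier sections; resource names, zone labels and the token format are assumptions for illustration.

```python
from dataclasses import dataclass

# Constructed sample policy (illustrative assumption): the zone each resource lives in.
ZONE_OF_RESOURCE = {"hr-db": "trusted", "wiki": "trusted", "public-site": "untrusted"}

@dataclass
class Request:
    subject: str
    authenticated: bool     # subject has already proven its identity
    mfa_done: bool          # subject completed multi-factor authentication
    source_zone: str        # zone the connection originates from
    connection: str         # "on-site", "vpn", or "internet"
    resource: str

class PolicyDecisionPoint:
    """Decides allow / deny / step-up for one request using adaptive identity data."""
    def decide(self, req: Request) -> str:
        target_zone = ZONE_OF_RESOURCE.get(req.resource)
        if target_zone is None or not req.authenticated:
            return "deny"                        # unknown resource or unauthenticated: default deny
        # Entry-point limitation: trusted resources only reachable from on-site or VPN.
        if target_zone == "trusted" and req.connection not in ("on-site", "vpn"):
            return "deny"
        # Implicit trust: trusted -> trusted skips step-up; anything else needs MFA first.
        if target_zone == "trusted" and req.source_zone != "trusted" and not req.mfa_done:
            return "step-up"
        return "allow"

class PolicyAdministrator:
    """Relays the PDP decision to the PEP and issues an access token on allow."""
    def __init__(self, pdp: PolicyDecisionPoint):
        self.pdp, self.issued = pdp, 0
    def process(self, req: Request):
        decision = self.pdp.decide(req)
        if decision != "allow":
            return decision, None
        self.issued += 1
        return decision, f"token-{self.issued}-{req.subject}-{req.resource}"

class PolicyEnforcementPoint:
    """Gatekeeper: forwards traffic only once the PA hands back a token."""
    def __init__(self, pa: PolicyAdministrator):
        self.pa = pa
    def handle(self, req: Request) -> dict:
        decision, token = self.pa.process(req)
        return {"decision": decision, "forwarded": token is not None, "token": token}

def build_pep() -> PolicyEnforcementPoint:
    return PolicyEnforcementPoint(PolicyAdministrator(PolicyDecisionPoint()))
```

A request over VPN from an untrusted zone to a trusted resource without MFA is answered with "step-up" rather than a token, which is the adaptive-identity path; the same request from the open internet is denied outright by the entry-point rule.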