What is Zero Trust Security
Zero Trust is a network security concept created by John Kindervag, a security analyst who worked at Forrester Research. It is based on the realization that traditional security models operate on the outdated assumption that everything inside an organization’s network should be trusted.
Traditional security model – trust, but verify
Zero trust model – do not trust; always verify
Commercial zero trust network solutions
Microsoft https://www.microsoft.com/en-us/security/business/zero-trust
Cisco https://www.cisco.com/c/en_ca/products/security/zero-trust.html
Palo Alto https://www.paloaltonetworks.com/network-security/zero-trust
Cloudflare https://www.cloudflare.com/en-ca/learning/security/glossary/what-is-zero-trust/
What makes a zero trust network different
1 There is no trusted zone; every single access goes through a trust/security engine (most of them are based on commercial solutions)
2 Access control is whitelist-based by default rather than blacklist-based
3 It does not rely on the security perimeter, although a traditional security perimeter is still deployed
Commercial zero trust solutions are not the solution for small businesses
1 They are service bonding security solutions that might not suit a small business
2 They rely heavily on edge security appliances/systems
How to deploy a zero trust network without dedicated security solutions/appliances
1 Move from a layered security perimeter to flattened micro-service boundaries
2 All network access needs MFA access control
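
An added example, not from the original page or from any vendor's product: a minimal per-request access decision in Python that contrasts the perimeter model (trust by source network) with the zero trust points above (no trusted zone, whitelist by default, MFA on every access). The rule table, user and service names, and IP ranges are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample data: the "inside" network and the explicit allow rules.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")
ALLOW_RULES = {
    ("alice", "payroll-api"): {"read"},
    ("bob", "build-server"): {"read", "write"},
}

@dataclass(frozen=True)
class Request:
    user: str
    service: str
    action: str
    source_ip: str
    mfa_verified: bool

def perimeter_decide(req):
    """Traditional model: a request from inside the network is trusted."""
    return ipaddress.ip_address(req.source_ip) in INTERNAL_NET

def zero_trust_decide(req):
    """Zero trust model: every request is checked; source_ip grants nothing."""
    if not req.mfa_verified:
        return (False, "mfa-required")
    actions = ALLOW_RULES.get((req.user, req.service))
    if actions is None:
        return (False, "no-allow-rule")  # default deny: not on the whitelist
    if req.action not in actions:
        return (False, "action-not-allowed")
    return (True, "allow-rule-matched")

if __name__ == "__main__":
    samples = [  # constructed requests
        Request("mallory", "payroll-api", "read", "10.1.2.3", False),
        Request("alice", "payroll-api", "read", "203.0.113.7", True),
        Request("alice", "payroll-api", "write", "10.1.2.3", True),
    ]
    for r in samples:
        print(r.user, r.source_ip, "perimeter:", perimeter_decide(r),
              "zero-trust:", zero_trust_decide(r))
```

The first sample is the case that separates the two models: an unlisted user on an internal address without MFA passes the perimeter check and is refused by the zero trust check.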