Zero Trust is a strategic approach to cybersecurity that protects organizations by eliminating implicit trust and continuously verifying all stages of digital interaction.
The Zero Trust model is increasingly drawing the attention of executives who need to keep pace with digital transformation and adapt to an ever-changing security environment. Unfortunately, many organizations are still struggling with a loose, poorly integrated assembly of point products that does not match the strategic approach expected by board members and executives.
A well-deployed Zero Trust Enterprise is a strategic approach to cybersecurity that simplifies and integrates risk management with one key goal: removing all implicit trust from every digital transaction. That is, cybersecurity must be designed into all networks, connections, and endpoints to address the latest threats, regardless of situation, user, user location, device, connection source, or access method.
By becoming a true Zero Trust Enterprise, organizations can enjoy more consistent, improved security and simplified security operations, effectively reducing costs.
Zero Trust Today: The Latest Security Approach for Digital Transformation
As an industry, we have reached a turning point. Many users and apps are now outside the traditional boundaries. The hybrid workforce is a new reality. Enterprises need to provide access from anywhere and provide the best user experience. The days of managing implicit trust by relying on a static on-premises workforce are over.
At the same time, application delivery has tended to favor public or private clouds, allowing development teams to deliver at an unprecedented pace. However, new architectures, delivery, and consumption models increase the number of instances of implicit trust, and a growing catalog of apps expands the attack surface. Meanwhile, when microservices are given implicit trust, they create new opportunities for attackers to move laterally.
Eliminating implicit trust is even more important as infrastructure can be placed anywhere and everything is increasingly interconnected. IT and workplace infrastructure are increasingly connected to Internet apps that centrally control and coordinate them, so the days of simply relying on IT equipment such as printers and vendor-supplied hardware and software are over. Anything that connects to the Internet is a risk to your organization. Physical locations are increasingly being driven by connected things such as the IoT. IoT devices usually have more access than they need. Traditional IT patching and maintenance strategies do not apply here. Cyber attackers know that this can be exploited.
Providing Zero Trust Enterprise
The biggest challenge in adopting the Zero Trust architecture was not the lack of specific security tools, but the simple lack of resources (talent, budget, interoperability, time, etc.). Enforcing up-to-date security controls on moving targets (dynamic threat situations) is a privilege reserved for a small number of resource-rich organizations. So why does Zero Trust work for the masses this time?
Zero Trust Enterprise is made possible by Palo Alto Networks’ extensive experience and comprehensive set of security features, which bring consistent Zero Trust controls throughout the organization. As Forrester stated in The Forrester Wave: Zero Trust eXtended Ecosystem Platform Providers, Q3 2020, “Palo Alto Networks basically provides all the tools or features an organization needs to operate its Zero Trust infrastructure. Procured, acquired, or built. Palo Alto Networks is building a robust portfolio to deliver Zero Trust everywhere, including on-premises, data centers, and cloud environments.” [1]
Instead of testing, running, and fixing multiple non-integrated security controls across all security domains, such as malware and DLP, you can rely on one control that can be deployed across your enterprise. As the cost of deployment and operation and the time to market decrease, security by design becomes a reality. In addition, leveraging the network effect of telemetry from the entire enterprise, not just one area, means less time to respond to and prevent cyber threats, leading to more resilient cybersecurity.
Palo Alto Networks: Over 10 years of Zero Trust experience
As a Zero Trust pioneer with thousands of customers and deployments, no one in security has more experience than Palo Alto Networks across the security ecosystem, including networks, endpoints, IoT, and more. We know that there is no panacea in security. The Zero Trust Enterprise (ZTE) approach is different for the following reasons.
- Comprehensive: Zero Trust should not focus on a narrow technology. Instead, it should consider the complete ecosystem of controls that many organizations rely on for protection.
- Practical: Comprehensive Zero Trust is not easy, but it is not difficult to get started. For example, what control set can you currently implement using your current security tools?
- Easy to understand: In both business and technical terms, convey the Zero Trust approach to non-technical executives in a concise, easy-to-understand summary.
- Ecosystem friendly: In addition to having one of the most comprehensive portfolios on the market, we work with a broad ecosystem of partners.
Comprehensive approach: users, applications, and infrastructure
Zero trust is the elimination of implicit trust throughout the organization. This means eliminating implicit trust associated with users, applications, and infrastructure.
User’s Zero Trust
Step 1 of the Zero Trust effort requires strong authentication of user identities, enforcement of “minimum access” policies, and verification of user device integrity.
Application Zero Trust
Applying Zero Trust to applications removes the implicit trust between their various components when they communicate with each other. The basic concept of Zero Trust is that you cannot trust your application and need continuous monitoring to verify its behavior at run time.
Infrastructure Zero Trust
Everything related to infrastructure, such as routers, switches, the cloud, the IoT, and the supply chain, needs to be addressed with a zero trust approach.
For each of the three pillars, it is important to consistently do the following:
- Establish identity with the strongest possible authentication. The request is authenticated and authorized to verify identity before access is granted. This identity is continuously monitored and validated throughout the transaction.
- Check the device / workload. Whether the requester is an enterprise laptop, a server, a personal smartphone, or a mission-critical IoT device, identifying the device and verifying its integrity are essential to Zero Trust. You need to verify the integrity of the device or host requesting access, and this integrity is continuously monitored and verified for the life of the transaction. For applications and cloud infrastructure, identify the requesting device or microservice, storage or computing resource, and partner or third-party app before granting access.
- Protect access. Enterprises need to give users access to only the minimum resources they need to perform their activities, limiting access to data, applications, and so on. Even after authenticating the user and checking that the device is clean, you still need to enforce least privilege.
- Protect all transactions. To prevent malicious activity, all exchanged content should be continuously inspected to ensure that it is legitimate, safe and secure. Data transactions should be thoroughly inspected to prevent the loss of corporate data and attacks on the organization due to malicious activity.

Role of Security Operations Center (SOC)
The SOC may continuously monitor all activities for anomalous or malicious signs, provide audit points for previous trust decisions, and override them as needed. The SOC uses a wide range of enterprise data collected from networks, endpoints, clouds, and more to double-check all trust decisions using behavioral analytics (UEBA), threat hunting, anomaly detection, SIEM correlation rules, and more. The SOC can do this because it has a broad view of the entire infrastructure, rather than only a subset of information such as individual firewall or endpoint telemetry. By examining this information across the infrastructure, the SOC can discover things that are not normally found in individual silos.
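The four per-request checks listed for the three pillars, together with the SOC's ability to override an earlier trust decision, sketched as an added example (not part of the original paper and not Palo Alto Networks code). The policy table, field names, device identifier and 900-second re-authentication window are assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed least-privilege policy: role -> resources it may reach (hypothetical names).
POLICY = {"finance-analyst": {"ledger-api"}, "build-agent": {"artifact-store"}}
MAX_AUTH_AGE_S = 900  # assumed window before strong authentication must be repeated

@dataclass
class Request:
    subject: str
    role: str
    mfa_passed: bool
    auth_age_s: int        # seconds since the last strong authentication
    device_id: str
    device_healthy: bool   # result of the device/workload integrity check
    resource: str
    content_verdict: str   # result of content inspection: "clean" or "malicious"

def evaluate(req, revoked_devices=frozenset()):
    """Return (allow, reason). Called for every request, not once per session."""
    # 1. Establish identity with strong authentication, and keep it fresh.
    if not req.mfa_passed or req.auth_age_s > MAX_AUTH_AGE_S:
        return False, "identity"
    # 2. Check the device / workload; a SOC revocation overrides earlier trust.
    if not req.device_healthy or req.device_id in revoked_devices:
        return False, "device"
    # 3. Protect access: least privilege, default deny for unknown roles.
    if req.resource not in POLICY.get(req.role, set()):
        return False, "access"
    # 4. Protect the transaction: the exchanged content must pass inspection.
    if req.content_verdict != "clean":
        return False, "transaction"
    return True, "ok"

def run_session(requests, soc_revocations):
    """soc_revocations maps a request index to a device id the SOC revoked just before it."""
    revoked, decisions = set(), []
    for i, req in enumerate(requests):
        if i in soc_revocations:
            revoked.add(soc_revocations[i])
        decisions.append(evaluate(req, frozenset(revoked)))
    return decisions

def demo():
    # Constructed session: one user and device, four requests, SOC revokes before the last.
    base = dict(subject="alice", role="finance-analyst", mfa_passed=True, auth_age_s=60,
                device_id="lt-42", device_healthy=True, resource="ledger-api", content_verdict="clean")
    reqs = [Request(**base), Request(**{**base, "resource": "artifact-store"}),
            Request(**{**base, "content_verdict": "malicious"}), Request(**base)]
    return run_session(reqs, {3: "lt-42"})
```

The last request is identical to the first one that was allowed; it is denied only because the decision is re-evaluated per request after the SOC revocation.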
Overview
What are the benefits of becoming a Zero Trust Enterprise? By adopting a holistic platform-based approach to Zero Trust, organizations can protect their digital transformation initiatives while increasing their overall level of security and significantly reducing complexity.
1. Chase Cunningham, The Forrester Wave: Zero Trust eXtended Ecosystem Platform Providers, Q3 2020, Forrester Consulting, September 24, 2020, https://start.paloaltonetworks.com/2020-forrester-ztx-report?utm_source=social&utm_medium=blog&utm_campaign=-FY21Q1%20Forrester%20Zero%20Trust%20eXtended%20Wave%20report.
© 2021 Palo Alto Networks, Inc. Palo Alto Networks is a registered trademark of Palo Alto Networks. A list of our trademarks can be found at https://www.paloaltonetworks.com/company/trademarks.html. All other marks in this document may be trademarks of their respective companies. Parent_wp_architecting-the-zero-trust-enterprise_112321