Page 168 - Cyber Defense eMagazine December 2023
What's Zero Trust?
Zero Trust is a guiding principle in cybersecurity. It advocates for no implicit trust. In network
architectures, this is crucial. It refuses automatic access to resources based on network location. This
deviates from older models that permit access to devices on the same network.
Consider VPNs. Usually, remote users gain broad access to a network. This poses a massive security
risk. Zero Trust combats this. It replaces network-focused access control with stringent authentication
and authorization software. This software lets administrators set access rules for different user groups.
These rules are enforced regardless of location.
Data, services, and workflows are shielded by software-defined micro-segmentation instead of
rigid network segmentation. A zero-trust architecture ensures strict user authentication. It considers
factors like user identity, location, and required service when granting access.
This approach follows a "never trust, always verify" mantra. It blocks inappropriate access instantly. For
this, Zero Trust requires a clear view and control over network traffic. It must monitor traffic sent through
all parts of the environment.
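As an added illustration (not part of the original article), the following Python example contrasts the older network-location check with a default-deny decision based on authentication, user group, location, and requested service. The group names, services, country lists, and IP ranges are constructed assumptions, and treating "location" as a country attribute is one interpretation of that factor.

```python
import ipaddress
from dataclasses import dataclass

CORP_NET = ipaddress.ip_network("10.0.0.0/8")  # constructed internal/VPN range

# Constructed rules: one micro-segment per service, keyed by user group.
# "countries" models the location factor as a signal, never as a grant.
POLICY = {
    "payroll-api": {"groups": {"finance"}, "countries": {"US", "DE"}},
    "wiki": {"groups": {"finance", "engineering"}, "countries": {"US", "DE", "IN"}},
}

@dataclass(frozen=True)
class Request:
    user: str
    groups: frozenset
    authenticated: bool  # strong authentication succeeded for this request
    country: str
    source_ip: str
    service: str

def legacy_network_decision(req: Request) -> bool:
    """Older model: being on the internal network (e.g. over VPN) is enough."""
    return ipaddress.ip_address(req.source_ip) in CORP_NET

def zero_trust_decision(req: Request) -> tuple:
    """Default deny. Source IP is deliberately never consulted."""
    if not req.authenticated:
        return False, "not authenticated"
    rule = POLICY.get(req.service)
    if rule is None:
        return False, "no rule for service"
    if not (req.groups & rule["groups"]):
        return False, "group not authorised for service"
    if req.country not in rule["countries"]:
        return False, "location not permitted"
    return True, "allowed"

# Constructed sample requests.
VPN_ENGINEER = Request("eve", frozenset({"engineering"}), True, "US", "10.8.0.5", "payroll-api")
REMOTE_FINANCE = Request("ana", frozenset({"finance"}), True, "DE", "203.0.113.7", "payroll-api")
ONNET_UNAUTH = Request("bob", frozenset({"finance"}), False, "US", "10.1.1.1", "payroll-api")

if __name__ == "__main__":
    for r in (VPN_ENGINEER, REMOTE_FINANCE, ONNET_UNAUTH):
        print(r.user, legacy_network_decision(r), zero_trust_decision(r))
```

The VPN-connected engineer passes the legacy check for the payroll service but is denied by the zero-trust rule, while the authenticated finance user outside the internal range is allowed.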
While integrating Zero Trust requires effort, the payoff is significant. It simplifies network structures. It
offers more flexibility for users and application deployment.
What's SASE?
SASE, or Secure Access Service Edge, is Gartner's answer to the security challenges
posed by remote work and cloud-based applications. It combines essential networking and security
services into a comprehensive solution.
This solution includes FWaaS (Firewall as a Service), DLP (Data Loss Prevention), ZTNA (Zero Trust
Network Access), secure web gateways, and CASB (Cloud Access Security Broker). In essence, SASE
is business networking and security on a single platform. It provides a holistic security architecture for
data centers, branches, cloud resources, third-party apps, and mobile devices.
For businesses navigating the complexities of remote or hybrid work, SASE is attractive. SASE providers
offer cloud security solutions with application-level security. Zero Trust is at the heart of SASE. Constant
checks for authentication and authorization are in place. This ensures tight security for users and
applications, wherever they are in the world.
Why It's Not ZTNA vs. SASE, but ZTNA and SASE
When it comes to network security, ZTNA and SASE share a harmonious collaboration. They are not in
competition but work together for enhanced security. SASE serves as the overarching philosophy, with
ZTNA as one of its integral components.
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.