Page 168 - Cyber Defense eMagazine December 2023

What's Zero Trust?

            Zero Trust is a guiding principle in cybersecurity. It advocates for no implicit trust. In network
            architectures, this is crucial. It refuses automatic access to resources based on network location. This
            deviates from older models that permit access to devices on the same network.

            Consider VPNs. Usually, remote users gain broad access to a network. This poses a massive security
            risk. Zero Trust combats this. It replaces network-focused access control with stringent authentication
            and authorization software. This software lets administrators set access rules for different user groups.
            These rules are enforced regardless of location.

            Data, services, and workflows are shielded by software-defined micro-segmentation rather than
            rigid network segmentation. A zero-trust architecture ensures strict user authentication. It considers
            factors like user identity, location, and required service when granting access.
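
The contrast described above, as an added example that is not part of the original article: a network-location check beside a default-deny decision based on authentication, user group, location and requested service. The policy table, group names, address range and requests are all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

CORP_NET = ipaddress.ip_network("10.0.0.0/8")  # constructed VPN/office range

# Constructed policy: which groups may reach which service, and from which countries.
POLICY = {
    "payroll-api": {"groups": {"finance"}, "countries": {"US", "DE"}},
    "git": {"groups": {"engineering"}, "countries": {"US", "DE", "IN"}},
}

@dataclass(frozen=True)
class Request:
    user: str
    groups: frozenset
    authenticated: bool  # outcome of strong authentication for this session
    src_ip: str
    country: str
    service: str

def perimeter_decision(req: Request) -> bool:
    """Older model: any device on the internal network reaches every service."""
    return ipaddress.ip_address(req.src_ip) in CORP_NET

def zero_trust_decision(req: Request) -> tuple[bool, str]:
    """Default deny; network location never grants access on its own."""
    if not req.authenticated:
        return False, "not authenticated"
    rule = POLICY.get(req.service)
    if rule is None:
        return False, "no rule for service"
    if not (req.groups & rule["groups"]):
        return False, "group not authorized for service"
    if req.country not in rule["countries"]:
        return False, "location outside policy"
    return True, "allowed"

# Constructed requests: same service, different identity and network position.
vpn_engineer = Request("dana", frozenset({"engineering"}), True, "10.8.0.23", "US", "payroll-api")
remote_finance = Request("lee", frozenset({"finance"}), True, "203.0.113.7", "DE", "payroll-api")
unauth_internal = Request("lee", frozenset({"finance"}), False, "10.8.0.40", "US", "payroll-api")

if __name__ == "__main__":
    for r in (vpn_engineer, remote_finance, unauth_internal):
        print(r.user, r.src_ip, "perimeter:", perimeter_decision(r),
              "zero trust:", zero_trust_decision(r))
```

The two models disagree on all three requests: the perimeter check admits both internal addresses and rejects the authorized remote user, while the zero-trust check does the opposite.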

            This approach follows a "never trust, always verify" mantra. It blocks inappropriate access instantly. For
            this, Zero Trust requires a clear view and control over network traffic. It must monitor traffic sent through
            all parts of the environment.

            While integrating Zero Trust requires effort, the payoff is significant. It simplifies network structures. It
            offers more flexibility for users and application deployment.



            What's SASE?


            SASE, or Secure Access Service Edge, is Gartner's answer to the security challenges posed by
            remote work and cloud-based applications. It combines essential networking and security
            services into a comprehensive solution.

            This solution includes FWaaS (Firewall as a Service), DLP (Data Loss Prevention), ZTNA (Zero Trust
            Network Access), secure web gateways, and CASB (Cloud Access Security Broker). In essence, SASE
            is business networking and security on a single platform. It provides a holistic security architecture for
            data centers, branches, cloud resources, third-party apps, and mobile devices.

            For businesses navigating the complexities of remote or hybrid work, SASE is attractive. SASE providers
            offer cloud security solutions with application-level security. Zero Trust is at the heart of SASE. Constant
            checks for authentication and authorization are in place. This ensures tight security for users and
            applications, wherever they are in the world.



            Why it's Not ZTNA vs. SASE, but ZTNA and SASE?

            When it comes to network security, ZTNA and SASE share a harmonious collaboration. They are not in
            competition but work together for enhanced security. SASE serves as the overarching philosophy, with
            ZTNA as one of its integral components.





            Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.