Home
Join

5 Replies

  • Zero Trust is more like a model or set of principles:

    https://www.crowdstrike.com/cybersecurity-101/zero-trust-security/

    The hardware is going to vary.

    Spice (4) flagReport
    Was this post helpful? thumb_up thumb_down
  • enyr0py is right.  To do Zero Trust you design the policies and what is going to be done.  Then and only then do you research hardware to support your Zero Trust model, your goal needs to be to find hardware that meets your needs and not let hardware force your policies and design of controls.

    Spice (1) flagReport
    Was this post helpful? thumb_up thumb_down
  • From a policy point of view, one article states that the core policy principles are 

    Continuus Verification. 

    Limit the scope of credentials or access paths AKA “Limit the blast radius.”

    Automate Context Collection and Response

    What steps would I need to take, or what would I need in order to put in place the above policies. 

    Spice (1) flagReport
    Was this post helpful? thumb_up thumb_down
  • spicehead-f5hwv wrote:

    From a policy point of view, one article states that the core policy principles are 

    Continuus Verification. 

    Limit the scope of credentials or access paths AKA “Limit the blast radius.”

    Automate Context Collection and Response

    What steps would I need to take, or what would I need in order to put in place the above policies. 

    To what extend do you need ZTN ?? Coz the key is "network" where you can for air-gap networks to edge-controlled networks to even Internet accessed networks and even with "per packet" verification (that will be slower & costly). 

    Was this post helpful? thumb_up thumb_down
  • Well, I'm just trying to setup a basic zero trust infrastructure.  In my understanding the reason why the old network infrastructure is considered obsolete is because everything behind the firewall is trusted.  So, the new idea of Zero Trust Network is nothing is trusted.  So will VPN still be a thing.  Also, to log on to a Windows PC will users still use a password or will it now be multifactor authentication.  Same for files on a file server will the way we share folders change, if so how.  

    Was this post helpful? thumb_up thumb_down

Read these next...