Enterprises that want to reliably prevent the exfiltration of sensitive data and improve their ability to defend against modern cyberthreats may want to consider a Zero Trust architecture. Introduced by analyst firm Forrester, Zero Trust is an alternative architecture for IT security.
What is Zero Trust architecture?
Conventional security models operate on the assumption that everything already inside an enterprise’s network can be trusted. They are designed to protect the perimeter of the network, which leaves threats that get inside free to morph and move wherever they choose. However, given the increasing sophistication of attacks and insider threats, new security measures are needed that can stop a threat once it is inside.
Zero Trust is designed to address lateral threat movement within the network by leveraging micro-segmentation and granular perimeter enforcement based on user, data, and location. To provide visibility and context, traffic needs to go through a next-generation firewall with decryption capabilities. The next-generation firewall enables micro-segmentation of perimeters and acts as border control within your organization.
Verifying traffic as it crosses between different functions by using two-factor authentication and other methods is crucial. Leveraging a Zero Trust approach to identifying enterprise processes, users, data, and data flows means policy rules can be updated automatically based on associated risks with every iteration.
Identifying leaders in Zero Trust
In November 2018, Forrester evaluated 14 different providers of the Zero Trust eXtended (ZTX) ecosystem and ranked them based on 15 different criteria grouped into three different buckets:
- Current offering. Key criteria for these solutions include all seven of the ZTX ecosystem pillars: network security, data security, workload security, workforce security, device security, visibility and analytics, automation and orchestration, as well as manageability, and usability and API usage.
- Strategy. Vendors’ product visions were evaluated as applied specifically in a Zero Trust-focused organization, along with planned enhancements to better enable Zero Trust strategies and their go-to-market approach for organizations strategically aligned with Zero Trust.
- Market presence. Reflective of each vendor’s enterprise install base and number of enterprise customers.
All 14 providers also had to meet the following criteria:
- Notable revenues. Vendors must have at least $75 million in annual revenues.
- ZTX technical capabilities. Vendors must have capabilities in at least three of the seven Zero Trust components:
  - Network security
  - Device security
  - People/identity security
  - Workload/application security
  - Data security
  - Security visibility and analytics
  - Security automation and orchestration
- ZTX alignment. Vendors must be strategically aligned with the ZTX framework and overall Zero Trust concepts.
- APIs for integration. Vendors must have a defined and documented API layer — with a healthy number of partners integrating with the vendor’s API.
- Forrester mindshare. Forrester clients regularly list this vendor as one they shortlist for ZTX components.
WEI works closely with two of the top-performing clients in this study – Cisco and Illumio. If you’re considering implementing ZTX architecture within your own enterprise, hear what Forrester had to say about their offerings.
The Cisco name is well known in the security space, and its gravitas as a global entity in the network area has been established for decades. The company’s return to enabling security operations more strategically has coincided with the explosion of Zero Trust, and Cisco is doing a good job of establishing its presence here.
Interviewees typically noted the vendor’s strong capability in network security and configuration, but were also quick to note that legacy user interfaces and the spread of capabilities over such a vast functional expanse was at times confusing and hindering.
Following the cutoff date for this report and therefore excluded from the scores, Cisco completed its acquisition of Duo Security to expand on the Cisco approach to Zero Trust. Duo enables customers to verify user and device trust to more securely control access to applications.
A key factor for any Zero Trust enterprise or strategy is to know what assets and controls are in place and to be able to understand, with context, what transactions and threats are critical to the business. In this regard, Illumio shines. The technology provided by the vendor aligns well with enabling the establishment of Zero Trust for an organization, and its ability to provide the contextual insight of threat areas and workflows for both security and continuity stands out in the space.
Users were quick to note the vendor’s strong capability in enabling micro-segmentation on the fly combined with its focus on visualization and usability, all key points in any Zero Trust system.
The market for Zero Trust architecture is growing as more security leaders see it as a way to address top challenges, and vendors are embracing it as a marketing tool for their capabilities and to guide their future road maps.
WEI is a trusted technology partner with a wide range of resources and services that will benefit enterprises looking to implement Zero Trust architecture or increase the scale of their existing program. For more information, contact us today.