Throughout the SP 800-207 document, the Software Defined Perimeter as defined by the Cloud Security Alliance is referenced as a preferred implementation of the Zero Trust Architecture. The Software Defined Perimeter isolates servers from the network to defeat server exploitation, implements multifactor authentication to defeat credential theft, and provides impregnable tunnels to defeat man-in-the-middle attacks – meeting the objectives of the Zero Trust Architecture. The SP 800-207 document also goes on to define how other security controls can be used with the Software Defined Perimeter to increase the trust level of users and endpoints.
This paper clarifies the key components of the Zero Trust Architecture in terms that are familiar to security professionals. It defines the four pillars of the new standard: segmentation, access policy, trusted identity, and trusted endpoints, and explains how they can be implemented such that only trusted users on trusted devices can access trusted applications over trusted connections – the nirvana of secure networking.
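The four pillars above can be read as the inputs to a single deny-by-default policy decision. The following added example (not code from the paper, NIST SP 800-207, or the Cloud Security Alliance) models a minimal policy decision point: an access request carries signals for identity (multifactor completed), endpoint (enrolled and compliant device), application entitlement, and connection (mutually authenticated tunnel), and the application is only "visible" if it is published behind the perimeter. All users, devices, applications, and segments are constructed placeholders.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class AccessRequest:
    user: str
    mfa_verified: bool        # trusted identity: second factor completed
    device_id: str
    device_compliant: bool    # trusted endpoint: posture check passed
    application: str
    connection_mtls: bool     # trusted connection: mutually authenticated tunnel


# Constructed inventory (hypothetical values, not taken from the paper).
# Segmentation: each protected application sits in exactly one segment behind a
# gateway; anything not listed here does not exist from the client's point of view.
APP_SEGMENTS = {"payroll": "finance", "wiki": "corp"}
# Access policy: user -> applications that user is entitled to reach.
ACCESS_POLICY = {"alice": {"payroll", "wiki"}, "bob": {"wiki"}}
# Enrolled endpoints: device -> the user it was issued to.
ENROLLED_DEVICES = {"laptop-a1": "alice", "laptop-b7": "bob"}


def evaluate(req: AccessRequest) -> Tuple[bool, List[str]]:
    """Deny by default: return (allowed, reasons_for_denial).

    Every pillar is checked independently so an operator sees all failing
    signals, not just the first one; any single failure denies the request.
    """
    reasons: List[str] = []

    # Segmentation: unpublished applications are "dark" and unreachable.
    if req.application not in APP_SEGMENTS:
        reasons.append(f"application {req.application!r} is not published behind the perimeter")

    # Trusted identity: password alone is never sufficient.
    if not req.mfa_verified:
        reasons.append("multifactor authentication not completed")

    # Trusted endpoint: device must be enrolled to this user and pass posture.
    if ENROLLED_DEVICES.get(req.device_id) != req.user:
        reasons.append(f"device {req.device_id!r} is not enrolled to {req.user!r}")
    elif not req.device_compliant:
        reasons.append(f"device {req.device_id!r} failed posture check")

    # Access policy: per-application entitlement; network location grants nothing.
    if req.application not in ACCESS_POLICY.get(req.user, set()):
        reasons.append(f"{req.user!r} has no entitlement to {req.application!r}")

    # Trusted connection: the tunnel itself must be mutually authenticated.
    if not req.connection_mtls:
        reasons.append("connection is not mutually authenticated")

    return (not reasons, reasons)


def authorized_segment(req: AccessRequest) -> Optional[str]:
    """Segment the gateway may open a tunnel into, or None when access is denied."""
    allowed, _ = evaluate(req)
    return APP_SEGMENTS[req.application] if allowed else None


if __name__ == "__main__":
    # Constructed sample requests: one fully trusted, one using a valid identity
    # from a device that was issued to someone else (the credential-theft case).
    samples = [
        AccessRequest("alice", True, "laptop-a1", True, "payroll", True),
        AccessRequest("alice", True, "laptop-b7", True, "wiki", True),
    ]
    for req in samples:
        allowed, reasons = evaluate(req)
        print(req.user, req.application, "ALLOW" if allowed else "DENY", reasons)
```

The point of the structure is that no pillar is a substitute for another: a correct password with MFA on an unenrolled device is still denied, and an entitled user on a compliant device still cannot reach an application that was never published behind the gateway.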