There are almost as many definitions of Zero-Trust Architecture as there are vendors offering ZTA-based solutions. It seems to be the latest security catch-phrase.
The most common ideas are that applications following ZTA principles should:
- assume they are running on an unprotected network (i.e., the Internet, or a breached internal corporate network)
- validate the identities involved in every network conversation (people, machines, and/or services)
- encrypt sensitive communications (or all?)
- ensure the integrity of communicated messages
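The second and fourth principles (validate identities, ensure message integrity) can be shown concretely on a monitoring report. The following is an added example, not code from the original post: a collector that refuses a status report unless it comes from a registered agent identity, carries a valid HMAC over the whole message, and is fresh. It assumes per-agent pre-shared keys provisioned out of band (the `AGENT_KEYS` registry, the message layout and the 30-second skew window are all constructed for this illustration); confidentiality is left to the transport (e.g., TLS) and is not shown here.

```python
import hashlib
import hmac
import json
import time
from typing import Optional, Tuple

# Constructed registry of agent identities -> shared secrets.
# Assumption: keys are provisioned out of band, never sent over the wire.
AGENT_KEYS = {
    "agent-router-01": b"constructed-secret-for-router-01",
    "agent-switch-07": b"constructed-secret-for-switch-07",
}

# Reports older or newer than this are rejected to limit replay of captured messages.
MAX_SKEW_SECONDS = 30


def canonical(body: dict) -> bytes:
    """Deterministic encoding so sender and verifier MAC the same bytes."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def sign_report(sender: str, payload: dict, key: bytes, now: Optional[float] = None) -> dict:
    """Agent side: bind identity, timestamp and payload under one HMAC-SHA256 tag."""
    ts = int(now if now is not None else time.time())
    body = {"sender": sender, "ts": ts, "payload": payload}
    tag = hmac.new(key, canonical(body), hashlib.sha256).hexdigest()
    return {**body, "mac": tag}


def verify_report(msg: dict, now: Optional[float] = None) -> Tuple[bool, str]:
    """Collector side: nothing is trusted until identity, integrity and freshness all check out."""
    required = {"sender", "ts", "payload", "mac"}
    if not required.issubset(msg):
        return False, "malformed"

    # 1. Identity: the claimed sender must be a registered agent with a key on file.
    key = AGENT_KEYS.get(msg["sender"])
    if key is None:
        return False, "unknown sender"

    # 2. Integrity: recompute the tag over the canonical body; constant-time compare.
    body = {k: msg[k] for k in ("sender", "ts", "payload")}
    expected = hmac.new(key, canonical(body), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, str(msg["mac"])):
        return False, "bad mac"

    # 3. Freshness: a valid but old message is still rejected (replay limit).
    ts_now = now if now is not None else time.time()
    if abs(ts_now - msg["ts"]) > MAX_SKEW_SECONDS:
        return False, "stale"

    return True, "ok"


def demo() -> dict:
    """Exercise the accept and reject paths with constructed reports at a fixed clock."""
    clock = 1_000_000
    good = sign_report("agent-router-01", {"if": "eth0", "rx_bytes": 1234},
                       AGENT_KEYS["agent-router-01"], now=clock)
    tampered = dict(good)
    tampered["payload"] = {"if": "eth0", "rx_bytes": 9999}  # counters altered in transit
    wrong_key = sign_report("agent-router-01", {"if": "eth0", "rx_bytes": 1234},
                            AGENT_KEYS["agent-switch-07"], now=clock)  # impersonation attempt
    unknown = sign_report("agent-unknown-99", {"if": "eth0"}, b"whatever", now=clock)
    return {
        "good": verify_report(good, now=clock),
        "tampered": verify_report(tampered, now=clock),
        "wrong_key": verify_report(wrong_key, now=clock),
        "unknown": verify_report(unknown, now=clock),
        "replayed": verify_report(good, now=clock + 120),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:10s} -> {result}")
```

The point of the three ordered checks is that a collector on an untrusted network never acts on a report just because it arrived; a plaintext protocol that keys trust off a source address or a shared community name has none of these properties, which is the gap the rest of the post asks about.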
In other words, the old days of castle-and-moat security don’t cut it in a highly connected, cloud-based world. Modern ZTA-based applications can’t rely on firewalls alone to provide the needed security; they must also defend themselves against misuse by adversaries.
Is Zero-Trust possible in network monitoring situations? So many of the legacy technologies (SNMP, ICMP, DNS, OSPF, BGP, etc., etc.) were built with implicit trust. Can they be made trustworthy?