For this article, I’m going to treat these three architectures as if they were one uniform thing, which in reality they’re most assuredly not. One way to view these three approaches is not as technically defined architectures, but rather as security systems that exhibit a particular set of desirable attributes. There are three prominent examples of new architectures in the industry – the Software-Defined Perimeter, the Zero Trust model from Forrester, and Google’s BeyondCorp architecture. New Network Security Architecture – Software-Defined Perimeter, Zero-Trust & Google’s BeyondCorp In fact, it’s now becoming widely accepted that these requirements simply cannot be met with traditional network security tools or approaches, and that a new security architecture is required. Able to simplify and unify security across hybrid environmentsĪfter reading this list, it should be apparent that while these requirements can be (and often have been) successfully met at the application level, enterprises have largely failed to do so at the network level.Automated, to dynamically adapt to both user and server changes.Identity-centric (sometimes called user-centric).Organizations want InfoSec systems that are: These requirements make up an interesting challenge for network security.
If we look at how different constituencies – enterprises, vendors, and analysts – are talking about how they want and need to secure organizations, things are starting to coalesce around a particular set of requirements. (There are some ways in which network security may be leading the enterprise, in particular around IoT, but that’s a topic for the future). It’s clear to me that there’s a sea change coming in terms of how enterprises are approaching network security, which is finally, in some ways, “catching up” with the rest of the enterprise. It will help you begin the process of creating a network security architecture and philosophy that’s your own, and is appropriate for your organization. However, what I am going to do is to provide an argument and structure for how we need to think about network security today. I’m not going to be able to articulate a Grand Unified Theory in this short blog post. Providing consumers with seamless access while reducing risk
Solving today's network access challenges with Zero Trust security
0 kommentar(er)
