Zero Trust Networks

Description

This practical book provides a detailed explanation of the zero trust security model. Zero trust is a security paradigm shift that eliminates the concept of traditional perimeter-based security and requires you to "always assume breach" and "never trust but always verify." The updated edition offers more scenarios, real-world examples, and in-depth explanations of key concepts to help you fully comprehend the zero trust security architecture.

  • Examine fundamental concepts of the zero trust security model, including the trust engine, policy engine, and context-aware agents
  • Understand how this model embeds security within the system's operation, with guided scenarios at the end of each chapter
  • Migrate from a perimeter-based network to a zero trust network in production
  • Explore case studies that provide insights into organizations' zero trust journeys
  • Learn about the various zero trust architectures, standards, and frameworks developed by NIST, CISA,...

    Highlights

    What Is a Zero Trust Network?

    Quote

    What Is a Zero Trust

    The network is always assumed to be hostile.

    Network locality alone is not sufficient for deciding trust in a network.

    Policies must be dynamic and calculated from as many sources of data as possible.

    into zones,

    by one or more firewalls.

    Each zone is granted some level of trust,

    determines the network resources it is permitted to reach.

    resources

    controlled.

    architecture

    zero trust model turns this diagram inside out.