Zero Trust Networks

Description

This practical book provides a detailed explanation of the zero trust security model. Zero trust is a security paradigm shift that eliminates the concept of traditional perimeter-based security and requires you to "always assume breach" and "never trust but always verify." The updated edition offers more scenarios, real-world examples, and in-depth explanations of key concepts to help you fully comprehend the zero trust security architecture.

Examine fundamental concepts of zero trust security model, including trust engine, policy engine, and context aware agents

Understand how this model embeds security within the system's operation, with guided scenarios at the end of each chapter

Migrate from a perimeter-based network to a zero trust network in production

Explore case studies that provide insights into organizations' zero trust journeys

Learn about the various zero trust architectures, standards, and frameworks developed by NIST, CISA,...

Highlights

What Is a Zero Trust Network?

Quote

What Is a Zero Trust

Quote

The network is always assumed to be hostile.

Quote

Network locality alone is not sufficient for deciding trust in a network.

Quote

Policies must be dynamic and calculated from as many sources of data as possible.

Quote

into zones,

Quote

by one or more firewalls.

Quote

Each zone is granted some level of trust,

Quote

determines the network resources it is permitted to reach.

Quote

resources

Quote

controlled.

Quote

architecture

Quote

zero trust model turns this diagram inside out.