{"id":18260,"date":"2021-03-18T05:55:41","date_gmt":"2021-03-18T05:55:41","guid":{"rendered":"https:\/\/www.esecurityplanet.com\/?p=18260"},"modified":"2023-08-08T21:51:08","modified_gmt":"2023-08-08T21:51:08","slug":"how-to-implement-zero-trust","status":"publish","type":"post","link":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/","title":{"rendered":"How to Implement Zero Trust"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">Zero trust has gone from new idea to buzzword and industry paradigm in a decade. Much more than a one size fits all product or service, zero trust requires an organization to identify its most sensitive assets, monitor traffic flows, and enforce granular, application-level access policies&#8211;all of which are entirely dependent on your organization. As organizations look to strengthen their <\/span><a href=\"https:\/\/www.esecurityplanet.com\/products\/best-network-security-tools\/\"><span style=\"font-weight: 400;\">network security<\/span><\/a><span style=\"font-weight: 400;\"> or update their cybersecurity defenses, the gospel of zero trust awaits.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">With the swift adoption of remote work and added difficulty identifying network perimeters, zero trust as a solution is gaining steam. Top cybersecurity vendors compete for positioning in this new marketplace with several <\/span><a href=\"https:\/\/www.esecurityplanet.com\/products\/zero-trust-security-solutions\/\"><span style=\"font-weight: 400;\">zero trust tools<\/span><\/a><span style=\"font-weight: 400;\"> to aid in your organization&#8217;s adoption of the framework and continued maintenance. But ultimately, moving towards a zero trust network environment is an organizational choice. We&#8217;ll touch on the history of zero trust, the benefits, and how to implement zero trust into your network security starting today.\u00a0<\/span><\/p>\n<p><b>Also Read: <\/b><a href=\"https:\/\/www.esecurityplanet.com\/products\/zero-trust-security-solutions\/\"><b>Top Zero Trust Security Solutions of 2021\u00a0<\/b><\/a><\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_68_1 ez-toc-wrap-left counter-flat ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-66d6d3b76aacd\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"ez-toc-cssicon\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #ffffff;color:#ffffff\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #ffffff;color:#ffffff\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-66d6d3b76aacd\"  aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/#Ten-years-of-zero-trust\" title=\"Ten years of zero trust\">Ten years of zero trust<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/#Why-zero-trust\" title=\"Why zero trust?\">Why zero trust?<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/#Implementing-zero-trust\" title=\"Implementing zero trust\">Implementing zero trust<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/#Trust-nothing-verify-everything\" title=\"Trust nothing, verify everything\">Trust nothing, verify everything<\/a><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"Ten-years-of-zero-trust\"><\/span><b>Ten years of zero trust<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">In the 2000s, the Jericho Forum was a group of international IT leaders concerned with the then-fixation on perimeter-based security strategies. By 2010, Forrester&#8217;s John Kindervag had presented the basic features surrounding the new concept known as zero trust. Today, zero trust networks are an industry standard for enhancing security inside your network.\u00a0<\/span><\/p>\n<h3><b>What is Zero Trust?<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">&#8220;Trust nothing, verify everything&#8221; can sum up the concept of zero trust. In a few more words, zero trust means: within your organization&#8217;s network of resources, no one user, <\/span><a href=\"https:\/\/www.esecurityplanet.com\/networks\/\"><span style=\"font-weight: 400;\">packet<\/span><\/a><span style=\"font-weight: 400;\">, or device should be trusted or granted greater privileges than required. Where in the past, outside network attacks might&#8217;ve been an organization&#8217;s security priority, the trust vested inside networks has proven to be just as dangerous a vulnerability. A zero trust strategy centers around refined controls to improve and rightfully restrict access to your network and applications. By limiting movement, you mitigate the risk of malicious actors accessing key segments.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Gartner defines <\/span><a href=\"https:\/\/www.gartner.com\/en\/information-technology\/glossary\/zero-trust-network-access-ztna-#:~:text=Zero%20trust%20network%20access%20(ZTNA)%20is%20a%20product%20or%20service,a%20set%20of%20named%20entities.\"><span style=\"font-weight: 400;\">zero trust network access (ZTNA)<\/span><\/a><span style=\"font-weight: 400;\"> as &#8220;a product or service that creates an identity- and context-based, logical access boundary around an application or set of applications.&#8221; In layman&#8217;s terms, ZTNA removes visibility or potential access to assets by enforcing stricter privilege policies inside your organization&#8217;s network. As a relatively new market, zero trust tools serve as alternatives to <\/span><a href=\"https:\/\/www.esecurityplanet.com\/networks\/best-practices-vpn-access-remains-seamless\/\"><span style=\"font-weight: 400;\">VPN<\/span><\/a><span style=\"font-weight: 400;\"> and <a href=\"https:\/\/www.esecurityplanet.com\/networks\/dmz-network\/\">DMZ<\/a> architecture, or a granular approach to <\/span><a href=\"https:\/\/www.esecurityplanet.com\/products\/network-access-control-solutions\/\"><span style=\"font-weight: 400;\">network access control<\/span><\/a><span style=\"font-weight: 400;\"> (NAC), <\/span><a href=\"https:\/\/www.esecurityplanet.com\/products\/best-iam-software\/\"><span style=\"font-weight: 400;\">identity access management<\/span><\/a><span style=\"font-weight: 400;\"> (IAM), and <\/span><a href=\"https:\/\/www.esecurityplanet.com\/products\/privileged-access-management-pam-software\/\"><span style=\"font-weight: 400;\">privilege access management<\/span><\/a><span style=\"font-weight: 400;\"> (PAM).\u00a0\u00a0<\/span><\/p>\n<p><b>Read Also: <\/b><a href=\"https:\/\/www.esecurityplanet.com\/products\/privileged-access-management-pam-software\/\"><b>Best Privileged Access Management (PAM) Software<\/b><\/a><b>\u00a0<\/b><\/p>\n<h3><b>Intro to Microsegmentation<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">A core feature of any zero trust environment is the creation of micro-perimeters around critical segments, also known as <\/span><a href=\"https:\/\/www.esecurityplanet.com\/threats\/microsegmentation-zero-trust-security\/\"><span style=\"font-weight: 400;\">microsegmentation<\/span><\/a><span style=\"font-weight: 400;\">. While your old network security might&#8217;ve identified IP addresses or only required initial access for a user to trek the network, microsegmentation uses software-defined barriers requiring proper verification of the user, location, and device. <\/span><a href=\"https:\/\/www.esecurityplanet.com\/networks\/secure-web-gateway\/\"><span style=\"font-weight: 400;\">Segmentation gateways<\/span><\/a><span style=\"font-weight: 400;\"> (SWG) or <\/span><a href=\"https:\/\/www.esecurityplanet.com\/products\/top-ngfw\/\"><span style=\"font-weight: 400;\">next-generation firewalls<\/span><\/a><span style=\"font-weight: 400;\"> (NGFW) play a critical role in meticulous policy enforcement at the application, machine, and user levels. With this power in hand, IT professionals can define user groups, access groups, and network groups for multiple applications or devices.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">While there has been a movement to microsegmentation over distributed networks like SD-WAN, new solutions like SASE combine ZTNA, SD-WAN, SWG, <\/span><a href=\"https:\/\/www.esecurityplanet.com\/cloud\/firewalls-as-a-service-fwaas\/\"><span style=\"font-weight: 400;\">CASB<\/span><\/a><span style=\"font-weight: 400;\">, and <\/span><a href=\"https:\/\/www.esecurityplanet.com\/cloud\/firewalls-as-a-service-fwaas\/\"><span style=\"font-weight: 400;\">FWaaS<\/span><\/a><span style=\"font-weight: 400;\"> to meet threats at the network edge.\u00a0<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Why-zero-trust\"><\/span><b>Why zero trust?<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">The days where malicious users can make lateral movement and access to entire networks are coming to an end. As organizations&#8217; networks expand by <\/span><a href=\"https:\/\/www.esecurityplanet.com\/endpoint\/remote-workforce-security\/\"><span style=\"font-weight: 400;\">remote workforce<\/span><\/a><span style=\"font-weight: 400;\"> or increased customer traffic, using a zero trust framework is essential in limiting users&#8217; access to specific data and applications.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">But even before the boom of IoT devices or the COVID-19 pandemic, trust was a major organizational vulnerability. As Mr. Kindervag stated emphatically at a <\/span><a href=\"https:\/\/www.youtube.com\/watch?v=-ld2lfz6ytU&amp;t=216s\"><span style=\"font-weight: 400;\">2019 conference<\/span><\/a><span style=\"font-weight: 400;\">, &#8220;What is trust? Trust is a human emotion that we&#8217;ve injected into digital systems for absolutely no reason at all!&#8221; The examples of breaches due to mistaken trust, up to the most powerful institutions in the world, are numerous. Notable incidents of trust gone wrong within the U.S. federal government include the Chelsea Manning and Edward Snowden breaches in 2013. Both actors used their network access to obtain sensitive information outside the scope of their role. Organizations that adopt zero trust can manage access controls at a granular level and protect their most sensitive segments.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In attacks like the <\/span><a href=\"https:\/\/www.esecurityplanet.com\/threats\/fireeye-solarwinds-breaches-implications-protections\/\"><span style=\"font-weight: 400;\">FireEye and SolarWinds breaches<\/span><\/a><span style=\"font-weight: 400;\"> in December 2020, advanced persistent threats (APTs) were able to move laterally through the network, harvesting sensitive information, in-part because all they needed were stolen credentials. Without microsegmentation and a zero trust framework, one bad actor&#8217;s access could turn into a lingering nightmare where adversaries are consistently present in your network.\u00a0<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Implementing-zero-trust\"><\/span><b>Implementing zero trust<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Every zero trust framework is custom to your organization&#8217;s <\/span><a href=\"https:\/\/www.esecurityplanet.com\/products\/best-network-security-tools\/\"><span style=\"font-weight: 400;\">network security<\/span><\/a><span style=\"font-weight: 400;\">. No one vendor is necessary for your organization to start making moves towards a zero trust environment. Your organization also doesn&#8217;t have to reinvent your IT infrastructure. Here&#8217;s a look at how to implement a zero trust network in five steps.\u00a0<\/span><\/p>\n<h3><b>1. Identify the Protect Surface and Users<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Much like a hyperenergetic pufferfish, network perimeters are increasingly fluctuating, and attempts to protect the entire network make for stressed IT professionals. The zero trust framework requires zooming in on your organization&#8217;s most sensitive information to define your &#8220;protect surface.&#8221; If your entire network is the attack surface, your protect surface is the segments that contain sensitive data, essential IT operations, and anything else your organization deems worthy of more robust user privileges.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Another task best completed at the onset of your zero trust journey is identifying users and devices and crystallizing authentication protocols. Solutions like <\/span><a href=\"https:\/\/www.esecurityplanet.com\/networks\/zero-trust-iam\/\"><span style=\"font-weight: 400;\">zero trust IAM<\/span><\/a><span style=\"font-weight: 400;\"> go beyond <\/span><a href=\"https:\/\/www.esecurityplanet.com\/applications\/single-sign-on\/\"><span style=\"font-weight: 400;\">single sign-on <\/span><\/a><span style=\"font-weight: 400;\">(SSO) or <\/span><a href=\"https:\/\/www.esecurityplanet.com\/networks\/deloitte-suffers-major-data-breach-without-multi-factor-authentication\/\"><span style=\"font-weight: 400;\">multi-factor authentication<\/span><\/a><span style=\"font-weight: 400;\"> (MFA) as an auditing mechanism for identity governance.\u00a0<\/span><\/p>\n<p><b>Also Read: <\/b><a href=\"https:\/\/www.esecurityplanet.com\/products\/best-iam-software\/\"><b>Best IAM Software<\/b><\/a><\/p>\n<h3><b>2. Mapping Traffic Flows<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Identifying how your sensitive data moves on your network and what devices are accessing it is essential to protecting that information. By mapping your traffic flows, you gain actionable intelligence regarding the interdependencies of your most important segments, devices, and network. As you consider who will need to access what, this analysis will provide added context to your data&#8217;s purpose. IT administrators can then refine controls to ensure only permitted traffic flows are valid and place boundaries between the different zones and segments.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Devices play a vital role at this stage as you can also determine how users are accessing the network and segments. By managing <\/span><a href=\"https:\/\/www.esecurityplanet.com\/cloud\/iot-device-risk-to-enterprises\/\"><span style=\"font-weight: 400;\">device inventory<\/span><\/a><span style=\"font-weight: 400;\"> for your internal organization, administrators can access scenarios of managed versus unmanaged devices. With larger organizations and networks, <\/span><a href=\"https:\/\/www.esecurityplanet.com\/endpoint\/antivirus-vs-epp-vs-edr\/#edr\"><span style=\"font-weight: 400;\">endpoint security solutions<\/span><\/a><span style=\"font-weight: 400;\"> (EDR) and <\/span><a href=\"https:\/\/www.esecurityplanet.com\/products\/best-user-and-entity-behavior-analytics-ueba-tools\/\"><span style=\"font-weight: 400;\">user and entity behavior analytics<\/span><\/a><span style=\"font-weight: 400;\"> (UEBA) have emerged as additional tools to mitigate attacks in their tracks.\u00a0<\/span><\/p>\n<p><b>Also Read: <\/b><a href=\"https:\/\/www.esecurityplanet.com\/endpoint\/antivirus-vs-epp-vs-edr\/#edr\"><b>Antivirus vs. EPP vs. EDR: How to Secure Your Endpoints\u00a0<\/b><\/a><\/p>\n<h3><b>3. Construct Your Micro-Perimeters<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Now that you have identified your protect surface, mapped flows, and devices, you&#8217;ve got what you need to create your organization&#8217;s zero trust environment, and the fun begins. Using a <\/span><a href=\"https:\/\/www.esecurityplanet.com\/products\/top-ngfw\/\"><span style=\"font-weight: 400;\">next-generation firewall<\/span><\/a><span style=\"font-weight: 400;\"> (NGFW), you can establish a segmentation gateway or micro-perimeter around the protect space. These segmentation gateways offer you an application-level inspection and access control to stop potential actors from reaching your most sensitive segments. Completing this is even easier nowadays as software-defined networking (SDN) platforms can enable you to deploy filters within the network fabric.\u00a0<\/span><\/p>\n<h3><b>4. Configure Access Policies<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">You&#8217;ve defined your protect surface, mapped transaction flows, and segmentation gateways or NGFWs&#8211;your network is ready for the trusty Kipling Method. By answering the following <\/span><a href=\"https:\/\/docs.paloaltonetworks.com\/best-practices\/9-0\/zero-trust-best-practices\/zero-trust-best-practices\/the-five-step-methodology\/step-4-create-the-zero-trust-policy.html\"><span style=\"font-weight: 400;\">questions provided by Palo Alto Networks<\/span><\/a><span style=\"font-weight: 400;\">, you&#8217;ll be able to design and enforce granular policy enabling privileged user access and safe application communication.\u00a0<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b><i>Who<\/i><\/b><span style=\"font-weight: 400;\"> should be accessing a resource?<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b><i>What <\/i><\/b><span style=\"font-weight: 400;\">application is accessing a resource inside the protect surface?\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b><i>When<\/i><\/b><span style=\"font-weight: 400;\"> is the resource being accessed?<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b><i>Where<\/i><\/b><span style=\"font-weight: 400;\"> is the packet destination?\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b><i>Why<\/i><\/b><span style=\"font-weight: 400;\"> is this packet trying to access this resource within the protect surface?<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b><i>How<\/i><\/b><span style=\"font-weight: 400;\"> is the packet accessing the protect surface via a specific application?\u00a0<\/span><\/li>\n<\/ul>\n<p><b>Also Read: <\/b><a href=\"https:\/\/www.esecurityplanet.com\/products\/top-ngfw\/\"><b>Ten Top Next-Generation Firewall (NGFW) Vendors\u00a0<\/b><\/a><\/p>\n<h3><b>5. Monitor and Maintain<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">While your zero trust network is all set, the task of monitoring and maintaining the network architecture begins. Your network administrators now have access to review all logs up to Layer 7, giving them insight into zero trust policies&#8217; operational aspects. By inspecting and logging all traffic, your organization can use and enforce what it&#8217;s learned to continue improving its network security. Eventually, your organization may reach &#8220;D-Day&#8221; when your network makes the switch from the default &#8216;allow&#8217; to default &#8216;deny&#8217; for any flow anomalies.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Securing a network&#8217;s data and applications while offering uninterrupted and convenient access is the constant balancing game for any organization. While the default &#8216;deny&#8217; function could deny access to an intended user or device, it&#8217;s an opportunity to investigate and resolve the specific connectivity issue. Whether this potential time lost is worth more robust security through zero trust is up to your organization. As for savings to your organization, moving other sensitive segments from legacy networks to your zero trust network can also be cost-effective and non-disruptive.\u00a0<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Trust-nothing-verify-everything\"><\/span><b>Trust nothing, verify everything<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">With a fear that too much trust could be an organization&#8217;s most dangerous threat, it&#8217;s no surprise seeing a movement towards this least privileged access method. Traditional tools like <\/span><a href=\"https:\/\/www.esecurityplanet.com\/networks\/types-of-firewalls\/\"><span style=\"font-weight: 400;\">firewalls<\/span><\/a><span style=\"font-weight: 400;\">, <\/span><a href=\"https:\/\/www.esecurityplanet.com\/networks\/best-practices-vpn-access-remains-seamless\/\"><span style=\"font-weight: 400;\">VPNs<\/span><\/a><span style=\"font-weight: 400;\">, and <\/span><a href=\"https:\/\/www.esecurityplanet.com\/products\/network-access-control-solutions\/\"><span style=\"font-weight: 400;\">NAC<\/span><\/a><span style=\"font-weight: 400;\"> used to secure the network at the perimeter. Today, however, internal access from consumers, remote workers, and IoT devices pose even more risk. By establishing a<\/span><a href=\"https:\/\/www.esecurityplanet.com\/products\/zero-trust-security-solutions\/\"><span style=\"font-weight: 400;\"> zero trust<\/span><\/a><span style=\"font-weight: 400;\"> environment, every user and device requires authentication. While the task is daunting, IT professionals who&#8217;ve taken on the challenge agree&#8211;starting small is better than not starting at all.<\/span><\/p>\n<p><b>Also Read: <\/b><a href=\"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-outlook-2021\/\"><b>Cybersecurity Outlook 2021: Trends and Predictions <\/b><\/a><\/p>\n\n\n<div id=\"ta-campaign-widget-66d6d3b769176-popup-wrapper\" class=\"ta-campaign-widget__popup-wrapper\">\n    \n<div\n    style=\"\n        --ta-campaign-plugin-primary: #3545ed;\n        --ta-campaign-plugin-button-text: #fff;\n        --ta-campaign-plugin-button-hover-background: #3231b4;\n        --ta-campaign-plugin-button-hover-text: #fff;\n        --ta-campaign-plugin-button-toggle-background: #3231b4;\n        --ta-campaign-plugin-button-toggle-text: #3231B4;\n    \"\n    data-ajax-url=\"https:\/\/www.esecurityplanet.com\/wp\/wp-admin\/admin-ajax.php\">\n    <div\n        id=\"ta-campaign-widget-66d6d3b769176\"\n        class=\"ta-campaign-widget ta-campaign-widget--popup\"\n        data-campaign-fields='{\"properties\":{\"campaign_type\":\"popup\",\"campaign_category\":false,\"sailthru_list\":[\"cybersecurity-insider\"],\"popup_type\":\"exit_intent\",\"appearance\":{\"colors\":{\"primary_color\":\"#3545ed\",\"button\":{\"button_text_color\":\"#fff\",\"hover\":{\"button_hover_background_color\":\"#3231b4\",\"button_hover_text_color\":\"#fff\"},\"toggle\":{\"button_toggle_background_color\":\"#3231b4\",\"button_toggle_text_color\":\"#3231B4\"}}},\"custom_scss\":\"\"},\"behavior\":{\"opt_in_enabled\":true},\"language\":{\"tagline\":\"Get the Free Cybersecurity Newsletter\",\"subtagline\":\"\",\"content\":\"Strengthen your organization&#39;s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday\",\"email_placeholder\":\"Work Email Address\",\"opt_in\":\"By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.\",\"subscribe_button\":\"Subscribe\"}},\"identifier\":\"66d6d3b769176\",\"campaign_id\":26045,\"campaign_type\":\"popup\",\"popup_type\":\"exit_intent\",\"newsletters\":[\"cybersecurity-insider\"],\"behavior\":{\"opt_in_enabled\":true},\"appearance\":{\"colors\":{\"primary\":\"#3545ed\",\"button\":{\"text\":\"#fff\",\"hover\":{\"background\":\"#3231b4\",\"text\":\"#fff\"},\"toggle\":{\"background\":\"#3231b4\",\"text\":\"#3231B4\"}}},\"custom_css\":\"\"},\"language\":{\"tagline\":\"Get the Free Cybersecurity Newsletter\",\"subtagline\":\"\",\"content\":\"Strengthen your organization&#39;s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday\",\"email_placeholder\":\"Work Email Address\",\"opt_in\":\"By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.\",\"subscribe_button\":\"Subscribe\"}}'>\n\n                <div class=\"ta-campaign-widget__exit\">\n            <svg class=\"w-8\" fill=\"none\" stroke=\"currentColor\" stroke-width=\"1.5\" viewBox=\"0 0 24 24\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\">\n                <path stroke-linecap=\"round\" stroke-linejoin=\"round\" d=\"M6 18L18 6M6 6l12 12\"><\/path>\n            <\/svg>\n        <\/div>\n        \n        <div class=\"ta-campaign-widget__wrapper\">\n            <div class=\"ta-campaign-widget__header mb-6\">\n                                <h3 class=\"ta-campaign-widget__tagline\">\n                    Get the Free Cybersecurity Newsletter                <\/h3>\n                \n                \n                                <p class=\"ta-campaign-widget__content mt-6\">\n                    Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday                <\/p>\n                            <\/div>\n\n            <form class=\"ta-campaign-widget__form\">\n                <div class=\"ta-campaign-widget__input mb-4\"  data-field=\"email\">\n                    <label\n                        class=\"sr-only\"\n                        for=\"email-66d6d3b769176\">\n                        Email Address\n                    <\/label>\n                    <input\n                        class=\"ta-campaign-widget__input__text\"\n                        placeholder=\"Work Email Address\"\n                        id=\"email-66d6d3b769176\"\n                        name=\"email\"\n                        type=\"email\">\n                <\/div>\n\n                                <div class=\"ta-campaign-widget__checkbox mb-4\" data-field=\"opt_in\">\n                    <div class=\"flex items-start\">\n                        <input\n                            id=\"opt-in-66d6d3b769176\"\n                            class=\"ta-campaign-widget__checkbox__input mr-2\"\n                            name=\"opt-in\"\n                            type=\"checkbox\"\/>\n                        <label\n                            class=\"ta-campaign-widget__checkbox__label\"\n                            for=\"opt-in-66d6d3b769176\">\n                            By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.                        <\/label>\n                    <\/div>\n                <\/div>\n                \n                <button class=\"ta-campaign-widget__button\" type=\"submit\" >\n                    Subscribe                <\/button>\n            <\/form>\n        <\/div>\n    <\/div>\n<\/div>\n\n<style>\n<\/style><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Zero trust has gone from new idea to buzzword and industry paradigm in a decade. Much more than a one size fits all product or service, zero trust requires an organization to identify its most sensitive assets, monitor traffic flows, and enforce granular, application-level access policies&#8211;all of which are entirely dependent on your organization. As [&hellip;]<\/p>\n","protected":false},"author":250,"featured_media":17884,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_gazelle_contributing_experts":"","footnotes":""},"categories":[14],"tags":[23887,30829],"b2b_audience":[],"b2b_industry":[],"b2b_product":[308,377],"class_list":["post-18260","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-networks","tag-microsegmentation","tag-zero-trust","b2b_product-enterprise-network-management","b2b_product-gateway-and-network-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>How to Implement Zero Trust | eSecurity Planet<\/title>\n<meta name=\"description\" content=\"The movement towards zero trust represent a paradigm shift for network security. Learn how to implement zero trust now.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to Implement Zero Trust | eSecurity Planet\" \/>\n<meta property=\"og:description\" content=\"The movement towards zero trust represent a paradigm shift for network security. Learn how to implement zero trust now.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/\" \/>\n<meta property=\"og:site_name\" content=\"eSecurity Planet\" \/>\n<meta property=\"article:published_time\" content=\"2021-03-18T05:55:41+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-08-08T21:51:08+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/ESP_MicroSeg_01-03.png\" \/>\n\t<meta property=\"og:image:width\" content=\"2376\" \/>\n\t<meta property=\"og:image:height\" content=\"1189\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Sam Ingalls\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/twitter.com\/SamIngalls\" \/>\n<meta name=\"twitter:site\" content=\"@eSecurityPlanet\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Sam Ingalls\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/\"},\"author\":{\"name\":\"Sam Ingalls\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/40407ef36d4a8822d7fcd993b93faba2\"},\"headline\":\"How to Implement Zero Trust\",\"datePublished\":\"2021-03-18T05:55:41+00:00\",\"dateModified\":\"2023-08-08T21:51:08+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/\"},\"wordCount\":1624,\"publisher\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/ESP_MicroSeg_01-03.png\",\"keywords\":[\"microsegmentation\",\"zero-trust\"],\"articleSection\":[\"Networks\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/\",\"url\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/\",\"name\":\"How to Implement Zero Trust | eSecurity Planet\",\"isPartOf\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/ESP_MicroSeg_01-03.png\",\"datePublished\":\"2021-03-18T05:55:41+00:00\",\"dateModified\":\"2023-08-08T21:51:08+00:00\",\"description\":\"The movement towards zero trust represent a paradigm shift for network security. Learn how to implement zero trust now.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/#primaryimage\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/ESP_MicroSeg_01-03.png\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/ESP_MicroSeg_01-03.png\",\"width\":2376,\"height\":1189},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.esecurityplanet.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to Implement Zero Trust\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#website\",\"url\":\"https:\/\/www.esecurityplanet.com\/\",\"name\":\"eSecurity Planet\",\"description\":\"Industry-leading guidance and analysis for how to keep your business secure.\",\"publisher\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.esecurityplanet.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\",\"name\":\"eSecurityPlanet\",\"url\":\"https:\/\/www.esecurityplanet.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png\",\"width\":1134,\"height\":375,\"caption\":\"eSecurityPlanet\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/eSecurityPlanet\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/40407ef36d4a8822d7fcd993b93faba2\",\"name\":\"Sam Ingalls\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2022\/08\/Sam-Ingalls-Square-150x150.jpg\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2022\/08\/Sam-Ingalls-Square-150x150.jpg\",\"caption\":\"Sam Ingalls\"},\"description\":\"Sam Ingalls is an award-winning writer and researcher covering enterprise technology, cybersecurity, data centers, and IT trends, for eSecurity Planet, Tech Republic, ServerWatch, Webopedia, and Channel Insider.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/singalls\/\",\"https:\/\/x.com\/https:\/\/twitter.com\/SamIngalls\"],\"url\":\"https:\/\/www.esecurityplanet.com\/author\/singalls\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How to Implement Zero Trust | eSecurity Planet","description":"The movement towards zero trust represent a paradigm shift for network security. Learn how to implement zero trust now.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/","og_locale":"en_US","og_type":"article","og_title":"How to Implement Zero Trust | eSecurity Planet","og_description":"The movement towards zero trust represent a paradigm shift for network security. Learn how to implement zero trust now.","og_url":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/","og_site_name":"eSecurity Planet","article_published_time":"2021-03-18T05:55:41+00:00","article_modified_time":"2023-08-08T21:51:08+00:00","og_image":[{"width":2376,"height":1189,"url":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/ESP_MicroSeg_01-03.png","type":"image\/png"}],"author":"Sam Ingalls","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/twitter.com\/SamIngalls","twitter_site":"@eSecurityPlanet","twitter_misc":{"Written by":"Sam Ingalls","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/#article","isPartOf":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/"},"author":{"name":"Sam Ingalls","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/40407ef36d4a8822d7fcd993b93faba2"},"headline":"How to Implement Zero Trust","datePublished":"2021-03-18T05:55:41+00:00","dateModified":"2023-08-08T21:51:08+00:00","mainEntityOfPage":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/"},"wordCount":1624,"publisher":{"@id":"https:\/\/www.esecurityplanet.com\/#organization"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/ESP_MicroSeg_01-03.png","keywords":["microsegmentation","zero-trust"],"articleSection":["Networks"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/","url":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/","name":"How to Implement Zero Trust | eSecurity Planet","isPartOf":{"@id":"https:\/\/www.esecurityplanet.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/#primaryimage"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/ESP_MicroSeg_01-03.png","datePublished":"2021-03-18T05:55:41+00:00","dateModified":"2023-08-08T21:51:08+00:00","description":"The movement towards zero trust represent a paradigm shift for network security. Learn how to implement zero trust now.","breadcrumb":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/#primaryimage","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/ESP_MicroSeg_01-03.png","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/ESP_MicroSeg_01-03.png","width":2376,"height":1189},{"@type":"BreadcrumbList","@id":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.esecurityplanet.com\/"},{"@type":"ListItem","position":2,"name":"How to Implement Zero Trust"}]},{"@type":"WebSite","@id":"https:\/\/www.esecurityplanet.com\/#website","url":"https:\/\/www.esecurityplanet.com\/","name":"eSecurity Planet","description":"Industry-leading guidance and analysis for how to keep your business secure.","publisher":{"@id":"https:\/\/www.esecurityplanet.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.esecurityplanet.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.esecurityplanet.com\/#organization","name":"eSecurityPlanet","url":"https:\/\/www.esecurityplanet.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png","width":1134,"height":375,"caption":"eSecurityPlanet"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/eSecurityPlanet"]},{"@type":"Person","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/40407ef36d4a8822d7fcd993b93faba2","name":"Sam Ingalls","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/image\/","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2022\/08\/Sam-Ingalls-Square-150x150.jpg","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2022\/08\/Sam-Ingalls-Square-150x150.jpg","caption":"Sam Ingalls"},"description":"Sam Ingalls is an award-winning writer and researcher covering enterprise technology, cybersecurity, data centers, and IT trends, for eSecurity Planet, Tech Republic, ServerWatch, Webopedia, and Channel Insider.","sameAs":["https:\/\/www.linkedin.com\/in\/singalls\/","https:\/\/x.com\/https:\/\/twitter.com\/SamIngalls"],"url":"https:\/\/www.esecurityplanet.com\/author\/singalls\/"}]}},"_links":{"self":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/18260"}],"collection":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/users\/250"}],"replies":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/comments?post=18260"}],"version-history":[{"count":1,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/18260\/revisions"}],"predecessor-version":[{"id":31376,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/18260\/revisions\/31376"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/media\/17884"}],"wp:attachment":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/media?parent=18260"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/categories?post=18260"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/tags?post=18260"},{"taxonomy":"b2b_audience","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_audience?post=18260"},{"taxonomy":"b2b_industry","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_industry?post=18260"},{"taxonomy":"b2b_product","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_product?post=18260"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}