Recently I read about Zero Trust Networks, and I'd like to briefly summarize the contents.
Zero Trust Networks
What is a Zero Trust Network?
A zero trust network rests on five principles.
- The network is always assumed to be hostile
- External and internal threats exist on the network at all times
- Network locality alone is not sufficient for deciding whether a network can be trusted
- Every device, user and network flow is authenticated and authorized
- Policies must be dynamic and calculated from as many sources of data as possible
Based on the above, the zero trust network was proposed to address security risks that the boundary (perimeter) model, the conventional network security architecture, cannot deal with.
With the recent spread of SaaS and mobile devices, the boundary of the network to be protected has become ambiguous, and awareness of this problem seems to be gradually increasing.
Boundary model and zero trust model
In the traditional network model, the network is divided into zones and firewalls block intrusion at the zone boundaries. Each zone is assigned a certain level of trust, which determines which network resources may be accessed from it.
Zero trust model
Access control enforcement is distributed throughout the network, and the zero trust principles are applied at every enforcement point. The control plane supports these access control decisions.
Control plane and data plane
In a zero trust network, the system that supports access control is called the control plane. Everything other than the control plane is called the data plane, and the data plane is managed by the control plane.
Trust and credit, authentication and authorization
In a zero trust network, whether to allow communication with each object (device, user or network flow) is decided on the basis of trust.
However, it is too costly for a human operator to handle every request, so a certain amount of trust is delegated to each system, and those systems handle the individual requests. This is called a chain of trust.
Define a threat model and design the network around the risks identified by that model.
To establish trust in a system, its request must be recognized as legitimate; the main recommended method for this is certificate-based authentication built on a public key infrastructure.
A network agent can carry anything from coarse to fine-grained data, depending on needs and maturity. The finer the information, the more likely data cleansing becomes a problem. In a zero trust network the network agent is the subject of the authorization decision; it is not used for authentication.
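As an added illustration of a control plane deciding one request (example code written for this summary, not code from the book or from any vendor's product), the following assumes that a network agent bundles what the control plane knows about the user, the device and the flow, and that each resource demands a minimum trust score; the class and function names and the score weights are assumptions.

```python
from dataclasses import dataclass

# Added example, not code from the book or the post. NetworkAgent, REQUIRED_SCORE,
# trust_score and authorize are assumed names; the weights are constructed.

@dataclass(frozen=True)
class NetworkAgent:
    """Data the control plane knows about one request: user, device, flow."""
    user: str
    user_mfa: bool           # user completed strong (multi-factor) authentication
    device_cert_valid: bool  # device presented a valid PKI-issued certificate
    device_patched: bool     # endpoint posture as reported by device inventory
    source_network: str      # "corp-lan" or "internet"; informational only
    resource: str            # destination the flow wants to reach

# Minimum trust score per resource; more sensitive data demands more trust.
REQUIRED_SCORE = {"wiki": 2, "source-repo": 3, "payroll": 4}

def trust_score(agent: NetworkAgent) -> int:
    # Combine independent signals into one score. source_network deliberately
    # contributes nothing: being on the corporate LAN is not evidence of trust.
    score = 2 if agent.user_mfa else 1         # authenticated user, MFA bonus
    score += 1 if agent.device_cert_valid else 0
    score += 1 if agent.device_patched else 0
    return score

def authorize(agent: NetworkAgent) -> tuple[bool, str]:
    """Authenticate the device first, then authorize the whole network agent."""
    if not agent.device_cert_valid:           # authentication precedes authorization
        return False, "device not authenticated: no valid certificate"
    needed = REQUIRED_SCORE.get(agent.resource)
    if needed is None:                        # unknown resource: default deny
        return False, f"unknown resource {agent.resource!r}: default deny"
    score = trust_score(agent)
    if score < needed:
        return False, f"trust score {score} below {needed} for {agent.resource}"
    return True, f"allowed with trust score {score}"

if __name__ == "__main__":
    # Constructed requests: the LAN laptop without a certificate is denied,
    # the remote laptop with a certificate and MFA reaches payroll.
    lan = NetworkAgent("alice", True, False, True, "corp-lan", "wiki")
    remote = NetworkAgent("alice", True, True, True, "internet", "payroll")
    for req in (lan, remote):
        print(req.source_network, req.resource, authorize(req))
```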
Toward the realization of a zero trust network
At present there seems to be no standard solution for implementing a zero trust network, and each company appears to be designing its own, by various methods, based on the principles above.
Example from Google:
BeyondCorp Zero Trust Enterprise Security | Google Cloud
About VPN in Zero Trust Network
VPN communication is not recommended in a zero trust network.
One reason is that zero trust requires secure end-to-end communication between endpoints at the application layer (L7). If a network component such as a VPN gateway is made responsible for that security instead, the path between that component and the endpoint remains exposed to physical and virtual threats. My understanding is that a VPN simply extends the company network, so the same dangers remain.
Recently, due to the sudden demand for remote work, the number of people who work by connecting from outside into the company network via VPN and the like is increasing, and I am concerned about whether the security around that is adequate. There is an argument that zero trust networks will become mainstream from now on, but honestly, I personally think it will take a long time to be implemented.