Today's organizations need a new security model that more effectively adapts to the complexity and risks of modern environments, embraces hybrid workplaces, and protects people, devices, apps, and data wherever they're located. Zero Trust is the first model with the potential to do all that. Zero Trust Architecture: Theory, Implementation, Maintenance, and Growth is the first comprehensive guide for architects, engineers, and other technical professionals who want to move from Zero Trust theory to implementation and successful ongoing operation.
Author(s): Cindy Green-Ortiz; Brandon Fowler; Jason Frazier; David Houck; Hank Hensel; Patrick Lloyd; Andrew McDonald
Publisher: Cisco Press
Year: 2023
Language: English
Commentary: (for True Epub)
Pages: 370
Introduction
Chapter 1. Overview of Zero Trust (ZT)
  Zero Trust Origins
  Planning for Zero Trust
  Zero Trust Organizational Dynamics
  Cisco’s Zero Trust Capabilities
  Summary
  References in This Chapter
Chapter 2. Zero Trust Capabilities
  Cisco Zero Trust Capabilities
  Policy & Governance Pillar
  Identity Pillar
  Vulnerability Management Pillar
  Enforcement
  Analytics Pillar
  Summary
  References in This Chapter
Chapter 3. Zero Trust Reference Architecture
  Zero Trust Reference Architecture: Concepts Explored
  Summary
  References in This Chapter
Chapter 4. Zero Trust Enclave Design
  User Layer
  Proximity Networks
  Cloud
  Enterprise
  Business Services
  Summary
Chapter 5. Enclave Exploration and Consideration
  Addressing the Business
  Identifying the “Crown Jewels”
  Identifying and Protecting Shared Enclaves
  Bringing Blurred Borders Back into Focus
  Incorporating New Services and Enclaves
  Using Automation in Enclaves
  Considerations on the Physicality of an Enclave
  Summary
  References in This Chapter
Chapter 6. Segmentation
  A Brief Summary of the OSI Model
  Upper Layer Segmentation Models
  Common Network-Centric Segmentation Models
  North-South Directional Segmentation
  East-West Directional Segmentation
  Determining the Best Model for Segmentation
  Applying Segmentation Throughout Network Functions
  How To: Methods and Considerations for Segmentation in an Ideal World
  Restricting Peer-to-Peer or Jump-Off Points
  Summary
  References in This Chapter
Chapter 7. Zero Trust Common Challenges
  Challenge: Gaining Visibility into the Unknown (Endpoints)
  Overcoming the Challenge: The Use of Contextual Identity
  Challenge: Understanding the Expected Behavior of Endpoints
  Overcoming the Challenge: Focusing on the Endpoint
  Challenge: Understanding External Access Requirements
  Overcoming the Challenge: Mapping External Communication Requirements
  Challenge: Macrosegmentation vs. Microsegmentation
  Microsegmentation for the Network
  Overcoming the Challenge: Deciding Which Segmentation Methodology Is Right for an Organization
  Challenge: New Endpoint Onboarding
  Overcoming the Challenge: Consistent Onboarding Processes
  Challenge: Policies Applied to Edge Networks
  Overcoming the Challenge: Ubiquitous Policy Application
  Challenge: Organizational Belief That a Firewall Is Enough
  Overcoming the Challenge: Defense in Depth and Access-Focused Security
  Overcoming the Challenge: The Case for Securing the Application, Not the Network
  Summary
  References in This Chapter
Chapter 8. Developing a Successful Segmentation Plan
  Planning: Defining Goals and Objectives
  Plan: Segmentation Design
  Implement: Deploying the Segmentation Design
  Implement: The Segmentation Model
  Summary
  References in This Chapter
Chapter 9. Zero Trust Enforcement
  A Practical Plan for Implementing Segmentation
  Endpoint Monitor Mode
  Endpoint Traffic Monitoring
  Enforcement
  Network Access Control
  Environmental Considerations
  Practical Considerations Within Contextual Identity
  Summary
Chapter 10. Zero Trust Operations
  Zero Trust Organization: Post-Implementation Operations
  The Life Cycle of Zero Trust Policies
  Moves, Adds, and Changes in a Zero Trust Organization
  Summary
  References in This Chapter
Chapter 11. Conclusion
  Zero Trust Operations: Continuous Improvements
  Summary
Appendix A. Applied Use Case for Zero Trust Principles
  Business Problem
  Goals and Drivers
  Application of the Principles of Zero Trust
  Conclusion