Zero Trust Explained
- Security threats can be inside or outside your network.
- Every device and person accessing resources on your network must be authenticated and authorized.
- By default, no person or device is trusted.
How does Zero Trust work?
To enhance security in modern enterprises where users and devices are remote and threats are bypassing traditional perimeter defenses, it’s critical to have a rigorous security model that performs checks on a continuous basis. Before accessing the network, all devices and users should be identified and authenticated and given the least amount of access required, and then continuously monitored
Zero Trust requires the following key components:
- Comprehensive visibility – Active and passive discovery provides full visibility of all users and devices on your network, which can help you implement controls.
- Least access micro segmentation and control – Access control policies grant access to resources that are absolutely necessary for a device or user and segment them from other resources that are not required.
- Continuous monitoring and enforcement – Ongoing monitoring of users and devices on the network greatly reduces risks related to threats and malware.
Aruba ESP enables Zero Trust best practices to provide a comprehensive set of capabilities that span visibility, control, and enforcement to address the requirements of a decentralized, IoT-driven network infrastructure.
Why Zero Trust?
Network security is increasingly challenging because of mobility, IoT, and telecommuting environments. Zero Trust allows you to increase visibility, control, and enforcement to address the security requirements of a decentralized, IoT-driven network infrastructure.
Benefits of Zero Trust
Zero Trust helps ensure network security for today’s era of mobility, IoT, and work from home environments.
- Limits exposure to security risks related to vulnerable IoT devices.
- Helps reduce the risk of advanced threats that bypass traditional perimeter security controls.
- Limits damage related to lateral movement by attackers and infected devices.
- Takes a more holistic approach to security regardless of who or what is connecting and from where.
- Applies best practices such as micro-segmentation for a “Least Access” approach.