Ever since there have been networks to secure, network security has been predicated on network address-based trust and control. Network security policy was built to either permit or block traffic based on the unique address associated with the devices involved in the connection. But address-based policies can’t adequately protect the modern cloud or data center workload: many attacks and attackers spoof addresses or piggyback on approved firewall policies in order to gain access to a network. And once inside, attackers often have little difficulty moving laterally to get from their initial entry point to their ultimate target: sensitive information elsewhere on the network.
Zero Trust Networking is an alternative approach to workload protection and network security based on the idea that address-based policies aren’t going to get the job done. “Zero trust” means that no address can be assumed clean, whether it’s outside the network or inside the network. An effective zero trust networking product would find an alternative means of validating users and applications attempting to communicate.
Edgewise Networks has implemented the zero trust model and called it Trusted Application Networking to fulfill the dictates of zero trust networking—Trusted Application Networking deploys policies based on the trustworthiness of the user, host, and application identifiers. If you are interested in learning more, please request a demo.