I recently attended a one-day data center summit. Interesting items and topics were discussed throughout by everyone. The opening speaker was John Kindervag of Forrester. He advocated the concept of Zero Trust Network Architecture (ZTNA).
I walked away from the summit thinking about the concept of Zero Trust Network Architecture (ZTNA). I find it to be a complete shift from the traditional perimeter security approach, which John Kindervag characterized as “trust” and “untrust”.
One of the first concepts I was exposed to in network security upon entering the networking field was that of “trust” and “untrust”. ZTNA does away with this traditional thinking. Given John Kindervag's presentation at the conference and the security events that became publicly known in 2011, there is strong reason for ZTNA to be discussed and considered.
According to John Kindervag, there are already organizations adopting ZTNA.
Based on what I heard at the conference, ZTNA will impact the way network architects/engineers and security engineers go about building and securing networks. John Kindervag described the ZTNA architecture as being built from what is termed a Micro Core and Perimeter (MCAP). I like to think of it as a zone or container.
From what I heard, an MCAP is scalable, centrally managed, and shares a global policy with other MCAPs of similar function; all traffic to/from an MCAP is inspected and logged, and it secures VMs by default.
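To make the contrast concrete, here is a small added illustration (my own toy model, not code from the talk or from Forrester) of the difference between a trust/untrust decision and an MCAP-style decision: the zero-trust evaluator matches every flow against one central allow-list, denies anything not listed regardless of where it originates, and logs every decision. The MCAP names (web, app, db, mgmt) and the sample flows are constructed for the example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Flow:
    """A simplified flow between two MCAPs (constructed for this example)."""
    src_mcap: str
    dst_mcap: str
    dport: int


# Central policy shared by every MCAP: explicit allow entries only.
# Any flow not listed here is denied, no matter which MCAP it comes from.
GLOBAL_POLICY = {
    ("web", "app", 8443),   # web tier may reach the app tier over TLS
    ("app", "db", 5432),    # only the app tier may reach the database
    ("mgmt", "web", 22),    # management MCAP may administer each tier
    ("mgmt", "app", 22),
    ("mgmt", "db", 22),
}

TRUSTED_INTERFACES = {"web", "app", "db", "mgmt"}


def legacy_decision(flow: Flow) -> bool:
    """Perimeter ('trust'/'untrust') model: once a flow is between two
    interfaces on the trusted side, it is allowed without further checks."""
    return flow.src_mcap in TRUSTED_INTERFACES and flow.dst_mcap in TRUSTED_INTERFACES


def mcap_decision(flow: Flow, log: list[str]) -> bool:
    """Zero-trust MCAP model: the source being 'inside' grants nothing.
    Every flow is checked against the central policy and every decision,
    allow or deny, is appended to the log."""
    allowed = (flow.src_mcap, flow.dst_mcap, flow.dport) in GLOBAL_POLICY
    verdict = "ALLOW" if allowed else "DENY"
    log.append(f"{verdict} {flow.src_mcap}->{flow.dst_mcap}:{flow.dport}")
    return allowed


if __name__ == "__main__":
    # A web server talking directly to the database is exactly the kind of
    # lateral movement the perimeter model cannot see.
    audit: list[str] = []
    lateral = Flow("web", "db", 5432)
    print("legacy:", legacy_decision(lateral))   # True
    print("mcap:  ", mcap_decision(lateral, audit))  # False
    print("\n".join(audit))
```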
For me, moving forward, there is much more to learn and understand overall about ZTNA, both conceptually and practically.