The Zero Trust Framework

Pillars of Zero Trust: Zero Trust Networking

JUL 27, 2020

By John Filitz, Trace3, Senior Research Analyst

Enterprise IT trends for cloud adoption are accelerating. Synergy Research reports a 37 percent increase in cloud infrastructure spend for Q1 2020 compared to the same period last year.[1] The significant surge in remote working as a result of the pandemic also has resulted in demand spiking for Software Defined-Wide Area Networking (SD-WAN) solutions. A recent report (2020) indicates 92 percent of respondents are currently evaluating SD-WAN adoptions.[2]

Cloud hosted SD-WANs represent significantly greater networking flexibility and are easier to manage than conventional virtual private networks (VPN) routers and multiprotocol label switching (MPLS) options. With SD-WAN, networking costs are decreasing, too, as enterprises move away from complex and cumbersome router-based VPN and MPLS connections to flexible and easier-to-implement cloud hosted SD-WANs.[3]

Security is increasingly becoming a standardized feature of SD-WAN solutions, giving rise to what Gartner has coined as Secure Access Service Edge (SASE).[4] SASE solutions represent an integrated SD-WAN and cloud network security offering, including Cloud Access Security Broker, Firewall-as-a-Service, Zero Trust Network Access, and Secure Cloud Web Gateway capabilities, alongside traditional networking features.[5]

The advance of SASE technology as a solution offering is gaining momentum among leading vendors, represented by the continued uptick in strategic mergers and acquisitions, as well as the growth in bespoke SASE platform offerings. Recent strategic SASE acquisitions include Palo Alto Network’s acquisition of CloudGenix and ZScaler’s acquisition of Edgewise Networks. Key players in this space include Barracuda, Cato Networks, CISCO, Forcepoint, Iboss, Juniper, Netskope, Perimeter 81, and VMware, to name a few.

Cloud Hosted Zero Trust Network Security

SASE solutions represent a maturation of cloud networking and cloud security solutions, with leading vendors offering a platform approach to addressing the increasing demands of networking and compute in a perimeter-less world. The increasing adoption of cloud and cloud-at-the-edge (cloudlets) and the proliferation of Internet-of-Things (IoT) devices, combined with the roll-out of 5G networking infrastructure, represents the next phase of enterprise computing.

In this distributed and cloud-native world, it is fundamentally important that the networking and security technology are nimble enough to meet dynamic compute requirements while always ensuring network security. SD-WAN, together with SASE, represent a positive step to addressing networking flexibility and zero trust security demands associated with increasingly distributed computing environments.

Developing a Zero Trust Networking Strategy

Cyber security threats were continuing a trajectory of escalation prior to the pandemic. The pandemic and the resulting surge in remote working have only exacerbated the frequency of attacks, with remote users especially vulnerable. For example, in March 2020 Zscaler reported a 30,000 percent increase in COVID-19 themed attacks on remote users,[6] and Barracuda reported a more than 650 percent monthly increase in spear phishing attacks.[7]

Given the rapid shift to remote working, a high volume of remote users also are operating outside of the purview of IT departments and traditional perimeter-based network security controls. This has resulted in significantly more enterprise data residing on user endpoints, some of which are unsanctioned devices. Only by implementing a Zero Trust networking strategy, including leveraging the best-of-breed SD-WAN and SASE solutions, will enterprises be able to safeguard their information systems from the threat of a breach.

In the next blog, we’ll explore the efficacy of Micro-Segmentation in Zero Trust. For more information on how to architect and implement Zero Trust networking, request a custom Trace3 Zero Trust Workshop.

___________________________________________________________________________________

[1] Synergy Research. (2020). COVID-19 Fails to Dent Aggressive Growth in Cloud Spending; Half of the Q1 Market Belongs to Amazon & Microsoft.
[2] Fierce Telecom. Report: As demand for cloud connectivity grows, WFH spurs SD-WAN sector
[3] VMware. VMware SD-WAN Cuts Costs, Accelerates Performance for Branch Office Connections
[4] Gartner. (2019). The Future of Network Security is in the Cloud
[5] Filitz, J. (2020). Managing Cyber Security Risk. Trace3
[6] Zscaler. (2020). 30,000 Percent Increase in COVID-19-Themed Attacks
[7] Shi, F. (2020). Threat Spotlight: Coronavirus-Related Phishing. Barracuda

Leave a Reply

Your email address will not be published. Required fields are marked *