Seven Elements of Highly Successful Zero Trust Architecture
An architect’s guide to the Zscaler Zero Trust Exchange
Get a sneak peek of Section One: Verify Identity and Context
Zero trust architecture is designed so that access is completely blocked until explicitly allowed. This differs from most traditional environments where network access was implicitly granted and managed via antiquated network controls. When an initiator presents the correct identity, then access may be granted only to the specific set of allowed services and nothing more. This “never trust, always verify” approach is the underpinning of zero trust architecture. Therefore, it is imperative enterprises ensure correct integration with a trusted IdP provider.
The requesting entity’s identity and profile are considered based on granular policy implemented in Element 7. For example:
A verified user with the correct profile values
- would need access to SAP;
- would not need access to an IoT sensor; and
- could need access to YouTube.
Whereas a verified IoT/OT device with correct profile values
- would need access to an IoT engine; and
- would not need access to YouTube.
In addition, a verified workload
- would need to access a comparable workload; and
- could need access to the internet.
In this simplified example, access policies can be ascertained solely by differentiating the type of initiator. Subsequently, identity can be further assessed and enriched with context, e.g., a valid user logging in from a company device, to deliver a more complete statement of identity (see Element 2).
At this point, authentication moves from simply a contextual yes/no into an authorization stage, where values related to the authenticated identity such as role, responsibility, location, etc., can be used to further validate the initiator.
By combining these values, identity control becomes quite powerful and each identity should be unique at the moment of authorization (re-assessment will be discussed in Element 4 with dynamic risk scoring).
Legacy architectures leave you vulnerable to attack
Traditional network and security approaches, such as VPNs and firewalls, become ineffective as applications move to the cloud and users work from everywhere. These approaches require that users connect to the network, which opens the door for attackers to compromise sensitive data and inflict substantial damage on your business.
Zero Trust Architecture:
Comprehensive Security for Digital Transformation
To be successful in today’s hybrid work environment, IT and security teams need to rethink networking and security. This is where a zero trust architecture comes into play.
Zero trust is a holistic security approach based on least-privileged access and the idea that no user or application should be inherently trusted. It assumes all connections are hostile and only grants access once identity and context are verified and policy checks are enforced.
Zscaler delivers zero trust through the Zero Trust Exchange—an integrated, cloud native platform that securely connects users, workloads, and devices to applications without connecting to the network. This unique approach eliminates the attack surface, prevents lateral threat movement, and protects against compromise and data loss.
The Seven Elements of Zero Trust
See a zero trust architecture in action
Zero trust is the next evolution of security that no longer relies on castle-and-moat security to protect hub-and-spoke networks. A true zero trust architecture securely connects users, workloads, and devices only to the apps they are authorized to access—over any network from any location—without putting either the initiator or destination app on a routable network where it can be discovered and exploited.
Verify identity and context
When a connection is requested, the zero trust architecture terminates the connection and verifies identity and context:
- Who is connecting? – Verifies the user/device, IoT/OT device, or workload identity.
- What is the access context? – Validates the context of the connection requester, looking at attributes such as role, responsibility, and location.
- Where is the connection going? – Confirms that the destination is known, understood, and contextually categorized for access.
Control Content and Access
Next, the zero trust architecture evaluates the risk associated with the connection request, and inspects traffic for cyberthreats and sensitive data:
- Assess risk – Leverages AI to dynamically compute a risk score of the requested access.
- Prevent compromise – Inspects inbound traffic to identify and block malicious content.
- Prevent data loss – Decrypts and inspects outbound traffic and content to prevent exfiltration of sensitive data.
Enforce Policy: Per-Session Decision and Enforcement
After controlling for risk, policy is enforced before ultimately establishing a connection to the internal or external application:
- Enforce policy – Determines what conditional action to take regarding the requested connection.
Once an “allow” decision is reached, a secure connection to the internet, SaaS app, or internal application is established. For internal apps, this is an encrypted, outbound-only tunnel that eliminates any attack surface.
The Seven Elements of Zero Trust
See a zero trust architecture in action
Zero trust is the next evolution of security that no longer relies on castle-and-moat security to protect hub-and-spoke networks. A true zero trust architecture securely connects users, workloads, and devices only to the apps they are authorized to access—over any network from any location—without putting either the initiator or destination app on a routable network where it can be discovered and exploited.
Verify identity and context
When a connection is requested, the zero trust architecture terminates the connection and verifies identity and context:
- Who is connecting? – Verifies the user/device, IoT/OT device, or workload identity.
- What is the access context? – Validates the context of the connection requester, looking at attributes such as role, responsibility, and location.
- Where is the connection going? – Confirms that the destination is known, understood, and contextually categorized for access.
Control Content and Access
Next, the zero trust architecture evaluates the risk associated with the connection request, and inspects traffic for cyberthreats and sensitive data:
- Assess risk – Leverages AI to dynamically compute a risk score of the requested access.
- Prevent compromise – Inspects inbound traffic to identify and block malicious content.
- Prevent data loss – Decrypts and inspects outbound traffic and content to prevent exfiltration of sensitive data.
Enforce Policy: Per-Session Decision and Enforcement
After controlling for risk, policy is enforced before ultimately establishing a connection to the internal or external application:
- Enforce policy – Determines what conditional action to take regarding the requested connection.
Once an “allow” decision is reached, a secure connection to the internet, SaaS app, or internal application is established. For internal apps, this is an encrypted, outbound-only tunnel that eliminates any attack surface.
See the Zero Trust Exchange in action
Follow Jane and John Doe on their journey through the zero trust process of accessing applications to see how the seven elements are applied by the Zscaler Zero Trust Exchange.
Explore Resources
EBOOK
Seven Elements of a Highly Successful Zero Trust Architecture
AT A GLANCE
Zscaler Zero Trust
Exchange Benefits At A Glance
WHITE PAPER
The One True Zero Trust Platform
VIDEO
De-Hyping Zero Trust in Seven Simple Steps
ARTICLE
Charting the Path to Zero Trust: Where to Begin
CERTIFICATION