Tech Talk Series: Modern Software Defined Architecture Lunch & Learn
Date: February 19, 2020 | 10am - 2pm | Location: DreamPort Facility in Columbia MD
Register soon, as attendance is limited to 125 registrants!
Abstract
The invisible line that we draw between what belongs to the enterprise and what doesn't – servers, desktops, networks, applications, and logins – traditionally depends on firewalls and endpoint-resident security software to protect that boundary.
But the headlines are full of examples where that simply wasn't enough. People have certainly been promoting the perimeter's demise for years now: the Jericho Forum was created to tackle "de-perimeterization" as early as 2003. The idea picked up steam as the cloud became more accepted as a common place to store and process data. John Kindervag at Forrester Research coined the term "zero trust" around 2009 to propose a specific framework.
So, let's not think of it as getting rid of the perimeter, but rather as tightening security on the inside so that the network perimeter isn't the only thing keeping the attacker at bay.
Instead of thinking of the perimeter as one type of access control around the "edge" of the network, think of the perimeter as any place where you make an access control decision. This could still be at the firewall or switch, but it could be at other layers as well: the difference between logging in to a third-party SaaS application with a personal ID and logging in with a corporate ID dictates which security decisions apply, and who makes them.
Where an application tries to access a database, that's a perimeter. When a user elevates privilege to perform a sensitive operation, that's also a perimeter. The zero-trust model of security prompts you to question your assumptions of trust every time there's an access event.
Introducing the Three Pillars of Zero Trust
Zero Trust for the Workforce
This pillar covers people such as employees, contractors, partners and vendors accessing work applications using their personal or corporate-managed devices. It ensures only the right users and secure devices can access applications, regardless of location.
Zero Trust for Workloads
This pillar covers applications running in the cloud, in data centers, and in other virtualized environments that interact with one another. It focuses on secure access when an API, a microservice or a container is accessing a database within an application.
Zero Trust for the Workplace
This pillar focuses on secure access for any and all devices (including IoT) that connect to enterprise networks, such as user endpoints, physical and virtual servers, printers, cameras, HVAC systems, kiosks, infusion pumps, industrial control systems, and more.
A zero-trust approach doesn't require a complete reinvention of your infrastructure. The most successful solutions should layer on top of and support a hybrid environment without entirely replacing existing investments. Sharing dynamic context on identity, vulnerability and threat associated with users, devices and applications across all the various enforcement points is the best way to harmonize security policy.
Join Cisco network and security engineers for lunch and learn how a Zero Trust security architecture helps you prevent unauthorized access, contain breaches, and reduce the risk of an attacker's lateral movement through your network. The target audience is anyone interested in security and network operations, from experienced users to those who are unfamiliar with Zero Trust and curious about what all of the buzz is about.
Agenda
Network security: prevent and contain breaches on the network
By segmenting access across your network, you can better isolate and control critical areas of your network to contain breaches and prevent lateral movement. Get more visibility into what's on your network so you can secure it with a zero-trust approach.
Workforce security: control who gets access
Assume zero trust until you can verify the trustworthiness of your users' identities and the security of their devices. Protect against phishing and other identity-based attacks.
Workload security: protect the entire application stack
Secure access for APIs, microservices, or containers accessing a database within an application, no matter where it's located: in the cloud, data centers, or other virtualized environments. Segment access and identify malicious behavior to contain breaches and protect against lateral movement.
Device security: control user and IoT devices
Get visibility into, better secure, and control every device accessing your applications and network at all times. That includes Internet of Things (IoT), network-enabled devices, and (managed and unmanaged) user devices like APIs, cameras, HVAC systems, printers, medical equipment, and more.
Visibility and analytics: gain insight to enforce security
Improve or increase visibility and analytics for your users and admins by gaining insight into unknown or unidentified assets on your network, across workloads or applications. Integrate with other data sources to use information intelligently to create and enforce policies that strengthen your overall security posture.
Automation and orchestration: respond to threats quickly
The ability to integrate and automate security across your entire IT environment (applications, networks, and workloads) is key to the success of your zero-trust strategy. By automating policy enforcement consistently across your environment, you can prevent a breach and also automate your threat response to contain a breach more quickly.
Data security: encryption and secure access
Take a zero-trust approach to securing data by protecting the new, extended perimeter: classify and categorize data; authorize user and device access to data; prevent data loss and exfiltration; and encrypt emails and device data.