Zero trust requires network visibility

AI and machine-learning techniques are imperative in a zero-trust environment that depends on analysis of the behavior of every device, person, or system using the network.

In a zero-trust environment, trust is not static. Behavior has to be visible for trust to persist.

One of the most important differences between old thinking on networking and the zero-trust (ZT) mindset is the inversion of thinking on trust. Pre-ZT, the assumption was this: Once you get on the network, you are allowed to use it any way you want until something extraordinary happens that forces IT to shut you down and remove your access. You are assumed broadly trustworthy, and that status is very rarely confirmed positively. It is also very rarely revoked.

Post-ZT, the assumption is flipped: Use of the network is entirely contingent on good behavior, and you are strictly limited as to what you can communicate with, and how. You can only do what the organization allows in advance, and any significant misbehavior will automatically result in you being pushed off the network.

The “automatically” part is important. A ZT architecture includes, as an integral component, a closed loop between ongoing behavior on the network and ongoing permission to use it (as manifested in the trust map that drives the environment’s policy engine). That is, ZT by definition requires feedback, automated and preferably real-time, from observable network behavior to enforced network permissions.
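
The closed loop described above, sketched as an added example that is not part of the original article: a trust map scores each entity from its observed flows, and the policy engine stops permitting even pre-approved traffic once the score falls below a threshold. The entity names, allow-list, scoring weights and threshold are all assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

# Constructed policy: the only flows the organization allows in advance.
ALLOWED_FLOWS = {
    ("hr-laptop-7", "hr-app", 443),
    ("badge-reader-2", "badge-server", 8443),
}
START, PENALTY, RECOVERY, REVOKE_BELOW = 100, 20, 2, 50  # assumed weights

@dataclass
class TrustMap:
    scores: dict = field(default_factory=dict)
    revoked: set = field(default_factory=set)

    def decide(self, src, dst, port):
        """Policy engine: permit only pre-approved flows from unrevoked entities."""
        if src in self.revoked:
            return "deny"
        return "permit" if (src, dst, port) in ALLOWED_FLOWS else "deny"

    def observe(self, src, dst, port):
        """Feed one observed flow back into the trust map, then decide on it."""
        in_policy = (src, dst, port) in ALLOWED_FLOWS
        score = self.scores.get(src, START)
        score = min(START, score + RECOVERY) if in_policy else score - PENALTY
        self.scores[src] = score
        if score < REVOKE_BELOW:
            self.revoked.add(src)  # stays revoked until an operator re-admits it
        return self.decide(src, dst, port)

def replay(flows):
    """Run observed flows through the loop; return the map and each decision."""
    tm = TrustMap()
    return tm, [tm.observe(*f) for f in flows]

# Constructed flow records: a badge reader starts contacting hosts outside its policy.
SAMPLE_FLOWS = [
    ("badge-reader-2", "badge-server", 8443),  # normal
    ("badge-reader-2", "hr-app", 22),          # out of policy
    ("badge-reader-2", "hr-app", 445),         # out of policy
    ("badge-reader-2", "hr-laptop-7", 3389),   # out of policy, score drops below 50
    ("badge-reader-2", "badge-server", 8443),  # formerly allowed, now denied
    ("hr-laptop-7", "hr-app", 443),            # unaffected entity
]

if __name__ == "__main__":
    tm, decisions = replay(SAMPLE_FLOWS)
    print(decisions, "revoked:", sorted(tm.revoked))
```

The fifth record is the point of the loop: the same flow that was permitted at the start is denied once observed behavior has pulled the entity's trust below the threshold.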

Spotting 'significant misbehavior' requires deep visibility
