The state of Zero Trust Access

* Courtesy of our partners Fortinet:

The zero-trust network security model has become a pervasive topic for IT professionals . Many organizations have a vision of what they want or need in terms of zero-trust and zero-trust network access (ZTNA), but the completeness of their vision isn’t necessarily being translated into the solutions they’re able to put in place .

Most organizations claim to either have a zero-trust access (ZTA) or ZTNA strategy either in place or in active deployment. However, most also report that they cannot consistently authenticate users or devices and struggle to monitor users after authentication.

Additionally, many organizations also report that implementing zero trust across an extended network is difficult . Because these are generally considered to be fundamental zero-trust functions, it appears that many organizations either misunderstand zero trust or that their solutions are being incompletely deployed.

Download the State of Zero Trust report by clicking here or on the image below.

What does a Zero Trust Access solution look like? Click here for the run-down.

Web Application Firewall (WAF)

According to Fortinet, Web Application Firewalls (WAFs) are designed to inspect and protect HTTP connections and prevent web-based attacks such as cross-site scripting (XSS) and SQL injection. While WAF tools and devices have been around for over a decade, and are a required technology for organizations that process credit card transactions (PCI-DSS), they are just now starting to gain traction in many networks.

Snapt say that every business exposing online applications, services, and APIs needs a Web Application Firewall (WAF) to operate safely and protect against cybersecurity threats. A WAF identifies and blocks attacks that lead to downtime, leaked data, and compromised transactions and accounts.

Some questions you may have:

  1. What does your network architecture and application infrastructure look like?
  2. Which teams will use the WAF and how?
  3. Where will you deploy a WAF?
  4. Which detection and blocking techniques suit your traffic and risk profile?
  5. Which application attacks present the biggest risks to your business?
  6. Would your apps benefit from virtual patching and scanner integration?
  7. Do you need PCI-DSS compliance for secure transactions?
  8. Do you need to terminate SSL traffic?
  9. What kind of visibility and reporting does your SecOps team need to be effective?

Click on any of the above questions to learn more, from our partner Snapt on their blog.

The difference between SD-WAN and MPLS

This topic is often how the SD-WAN discussion starts.

A network migration to SD-WAN (software defined wide area network) may deliver cost savings, performance improvements and better security.

According to our partners Fortinet, the short answer is that SD-WAN offers better visibility, availability, enhanced performance, and more freedom of action. It’s why the industry has seen interest in SD-WAN rising over the past few years.

Fortinet list the following benefits of SD-WAN over MPLS:

  • SD-WAN delivers potential cost savings.

    By reducing the amount of traffic that needs to traverse the MPLS links, one may utilize commodity internet, reducing MPLS costs.
  • Secure SD-WAN from Fortinet provides better protection than MPLS, because the solution is delivered as an integrated function within a next-generation firewall appliance.

    A wide array of security tools, such as IPS, firewall, WAF, web filtering, anti-virus, and anti-malware are simultaneously deployed, as these are natively part of the NGFW firewall / SD-WAN device.
  • SD-WAN delivers better network performance, utilizing diverse links and paths based on application or traffic type, for example.

    SD-WAN is application-aware, and can thus prioritize traffic accordingly, based on bandwidth, latency and other requirements.

Click here for more information on Fortinet’s Secure SD-WAN solution, or get in touch to discuss a SD-WAN solution that’s right for you and your business.

Our other partner, Aruba Networks, have made this short video which succinctly describes SD-WAN: