Book Information
· Category: Foreign books > Computers > Security > General
· ISBN: 9781484267011
· Pages: 300
· Publication date: 2021-02-27
Table of Contents
Part I: Overview
Chapter 1. Introduction
1.1. Overview of This Book
1.2. Our approach to Zero Trust
1.3. Goals: A Roadmap and Framework for Zero Trust
1.4. The Moral Imperative to Adopt Zero Trust
Chapter 2. What is Zero Trust?
2.1. History and Evolution
2.2. Forrester’s Zero Trust eXtended Ecosystem
2.3. Gartner’s approach to Zero Trust
2.4. Core Principles
2.4.1. Ensure all resources are accessed securely, regardless of location
2.4.2. Adopt a least privilege strategy and strictly enforce access control
2.4.3. Inspect and log all traffic
2.5. Expanded Principles
2.5.1. Automation
2.5.2. Integration
2.5.3. Effectiveness
2.6. Zero Trust: A Working Definition
2.7. Our Zero Trust Requirements Framework: An Introduction
Chapter 3. Zero Trust Models
3.1. Google’s BeyondCorp
3.2. The Software-Defined Perimeter
3.3. Cloud-Based Zero-Trust
3.4. NIST 800-207
3.5. Microsegmentation (East-West/Server-to-Server)
3.6. Hybrid Models
3.6.1. Microsoft
3.6.2. Google’s Enterprise Offering
3.7. Pros and Cons of Approaches
3.8. Trusting the Agent (the host integrity problem)
3.9. Implications: Network security, management, and infrastructure
3.10. Zero Trust Models and Your Enterprise
Part II: Zero Trust and Enterprise Architecture Components
Chapter 4. Identity Management
4.1. Introduction
4.2. Authentication
4.2.1. RADIUS
4.2.2. Microsoft Active Directory
4.2.3. LDAP
4.2.4. SAML
4.2.5. Emerging Standards (FIDO, OAuth, OpenID Connect)
4.2.6. Mobile and Biometrics
4.3. Public Key Infrastructure
4.4. Directories
4.5. RBAC and ABAC
4.6. Authentication, Authorization, and Zero Trust
4.6.1. Authentication
4.6.2. Authorization
4.7. Identity Lifecycle
4.8. Identity Governance
4.9. Identity Management and Zero Trust: Some Closing Thoughts
4.10. Summary: Zero Trust Requirements for Identity Management Systems
Chapter 5. Network Infrastructure
5.1. Firewalls
5.2. DNS
5.3. Load Balancers
5.4. Summary: Zero Trust Network Infrastructure Requirements
Chapter 6. Network Access Control (NAC)
6.1. Definition
6.2. NAC and Zero Trust
6.2.1. Unmanaged Guest Network Access
6.2.2. Managed Guest Network Access
6.2.3. Managed vs. Unmanaged Guest Networks: A Debate
6.2.4. Third-Party Access
6.2.5. Employee BYOD
6.2.6. Block, Quarantine, Grant Access based on Device Profile
6.3. Summary: Zero Trust Requirements Network Access Control
Chapter 7. Intrusion Detection Systems and Intrusion Prevention Systems
7.1. Types of IDS/IPS
7.1.1. Host-Based Systems
7.1.2. Network-Based Systems
7.2. Network Traffic Analysis, Encryption, and TLS 1.3
7.3. Summary: Zero Trust and IDS/IPS Requirements
Chapter 8. Virtual Private Networks (VPNs)
8.1. Types of VPNs
8.1.1. Consumer
8.1.2. Site-to-Site (Enterprise)
8.1.3. Remote Access (Enterprise)
8.2. VPNs: Remote Access, but not Security
8.3. Summary: Zero Trust and Remote Access (VPN) Requirements
Chapter 9. Next-Generation Firewalls (NGFWs)
9.1. Overview and Definitions
9.2. Summary: Zero Trust and NGFWs
Chapter 10. Security Information and Event Management (SIEM)
10.1. Overview
10.1.1. On-Premises SIEMs
10.1.2. Cloud-Based SIEMs
10.2. Summary: Zero Trust and Integration with SIEMS
Chapter 11. Privileged Access Management (PAM) Systems
11.1. Definition
11.2. Credential Vaulting
11.3. Credential Management
11.4. Privileged Session Management
11.5. Summary: Zero Trust and PAM
Chapter 12. Web Application Firewalls (WAF) and Secure Web Gateways (SWG)
12.1. Definitions
12.2. WAF Capabilities
12.3. SWG Capabilities
12.4. Summary: Zero Trust and Secure Web Access Requirements
Chapter 13. Cloud - IaaS, PaaS, and SaaS
13.1. Introduction & Definitions
13.2. A Cloud Service Security Model
13.3. Cloud Services and Network Access Control
13.3.1. Security Groups
13.3.2. Site-to-Cloud VPNs
13.3.3. Intra-Cloud Network Access Controls
13.3.4. Publicly Accessible Services (SaaS) and Zero Trust
13.3.5. Metadata and Cloud Access Control
13.4. Cloud as a DevOps Platform
13.5. Summary: Zero Trust and Securing Cloud Access Requirements
Chapter 14. Cloud Access Security Brokers (CASB)
14.1. Introduction and Purpose
14.2. Visibility
14.3. Compliance
14.4. Data Loss Prevention (DLP)
14.5. Summary: Zero Trust Requirements for CASB
Chapter 15. Serverless Computing
15.1. Introduction and Definitions
15.2. Container Security Challenges for Zero Trust
15.3. Serverless Cloud Function Challenges for Zero Trust
15.4. Summary: Zero Trust Requirements for Serverless Computing
Chapter 16. IoT Devices and “Things”
16.1. Introduction and Definitions
16.2. A Framework for Zero Trust and Things
16.3. Summary: Zero Trust Security Requirements for IoT Devices
Chapter 17. Virtual Desktop Infrastructure (VDI)
17.1. Introduction, and Types of VDI
17.2. VDI Strengths and Weaknesses
17.3. Summary: Zero Trust Requirements for VDI
Part III: Putting it all Together
Chapter 18. A Zero Trust Policy Model
18.1. What do we mean by “Policy”?
18.2. Zero Trust Policy Examples
18.3. Zero Trust Policy Model Requirements
Chapter 19. Zero Trust Scenarios
19.1. Cloud Migration
19.2. VPN replacement
19.3. NAC replacement
19.4. Securing DevOps
19.5. Full Zero Trust network / Network Transformation
19.6. Third-Party access
19.7. M&A
Chapter 20. Conclusion and Recommendations
20.1. No More Silos (Tear down that wall!)
20.2. Approach Zero Trust Step-by-Step
20.3. Open Questions
20.3.1. Unsolved Problems in Zero Trust
20.3.2. Zero Trust and Future Trends