The old security architecture of a strong external perimeter being the best (and often only) defense against compromise is becoming less and less adequate as the sophistication of attackers improves, the vectors of attack shift or expand, and the threat surface grows. From direct attacks such as the recent log4j vulnerability, indirect attacks such as phishing with malware, and internal lateral movement, traditional perimeter-based network access control has proven insufficient in detecting, much less preventing compromise. Prevention at the edge has been the savior side of the arms race but has always, and will always, place second.

To make matters worse, the implicit security assumption has been that everything inside an organization’s network should be trusted. This almost always means that once on the network, anyone can move laterally within the network – including attackers seeking further compromise. The zero-trust model was designed to re-think the security paradigm to enable services which drive digital transformation while also improving the security posture.

Zero-trust architecture (ZTA) is an enterprise’s cybersecurity plan which utilizes zero-trust principles and encompasses component relationships, workflow planning, and access policies. Therefore, a zero-trust enterprise is the network infrastructure (physical and virtual), services, and operational policies that are in place as a product of a zero-trust architecture plan.

However, establishing a ZTA is an ongoing process of refinements for any business as all existing networks, resources, processes, and security capabilities are reshaped to the ZT model. Detection and validation of these ZT designs and policies need to be done continually to ensure both adherence to the ZTA as well as alerting when ZT enforcement boundaries are attempted to be crossed. Comprehensive visibility is essential to the verification and maintenance of the ZT enterprise.

ZERO TRUST MATURITY – HOW DOES NETSCOUT HELP?

First and foremost, comprehensive visibility of the entire network is a requirement to achieve any level of Zero Trust maturity.

NETSCOUT® Omnis® Security portfolio of products can enable this and more:

• NETSCOUT network taps are used to mirror traffic from the wire
• NETSCOUT Omnis® Cyber Intelligence (OCI) which analyzes that data in real-time and historically to detect and investigate threats

With comprehensive visibility, OCI can detect threats, trace interconnected devices, view historical usage, and assist in orchestrating mitigation through API. Additionally, OCI can utilize protection groups to classify networks, servers, and services based on risk, allowing for very rapid and concise verification of zero-trust adoption.
SOLUTION BRIEF | Re-Thinking Enterprise Security – Zero Trust Security Principles for a Safer, More Secure Environment

[Figure: zero-trust capabilities, listed by column of the original graphic]

• Device Authentication, Device Management, Device Inventory, Device Compliance
• Data at Rest Protection, Integrity, Data Loss Prevention, Data Classification
• Network segmentation, Micro Segmentation, Transport Encryption, Session Protection
• Single Sign-on, Isolation, Any Device Access
• Multi-Factor Authentication, User Authentication, Conditional Access
• Governance

"Zero trust (ZT) is the term for an evolving set of cybersecurity paradigms that move defenses from static, network-based perimeters to focus on users, assets, and resources. A zero-trust architecture (ZTA) uses zero trust principles to plan industrial and enterprise infrastructure and workflows."
- NIST

As enterprises begin and refine their zero-trust architecture, their solutions increase in reliance upon automated processes and systems, more fully integrate across pillars, and become more dynamic in their policy enforcement decisions.

In traditional, non-zero-trust deployments, the monitoring and analytics foundation is gathering packets at the perimeters and occasionally in particularly specific or sensitive areas of the internal network.

As the ZT architecture matures, perimeters blur or vanish altogether. East-West traffic now needs to be seen and controlled to detect and prevent lateral or deeper compromise. Resulting monitoring visibility is extended across the entire network, both physical and virtual. In an optimized stage of ZT, full visibility and advanced analytics and intelligence validate the correctness and enforcement of security policies. Implementing and developing the ZT architecture takes time, and will continue to evolve as policies, processes, and tooling are improved.

Whether you’re just beginning on your ZT implementation or are already very mature, NETSCOUT’s visibility and analytics capabilities should be major components to the detection and validation of your ZT design.
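
The continuous validation of East-West traffic against ZT enforcement boundaries described above can be sketched as a check of observed flows against an allow-list keyed by protection group. This is an added example, not NETSCOUT code or an OCI API; the group names, CIDRs, policy entries and flow records are constructed assumptions.

```python
import ipaddress

# Constructed sample data: groups, policy and flows are all hypothetical.
GROUPS = {
    "user-lan": ipaddress.ip_network("10.10.0.0/16"),
    "app-tier": ipaddress.ip_network("10.20.0.0/24"),
    "db-tier":  ipaddress.ip_network("10.30.0.0/24"),
}
# Zero-trust policy: every permitted (source group, destination group, port).
ALLOWED = {
    ("user-lan", "app-tier", 443),
    ("app-tier", "db-tier", 5432),
}
# Flow summaries as a tap-fed sensor might record them:
# (source IP, destination IP, destination port, handshake completed?)
FLOWS = [
    ("10.10.4.7",  "10.20.0.15",  443,  True),   # user -> app, in policy
    ("10.20.0.15", "10.30.0.8",   5432, True),   # app -> db, in policy
    ("10.10.4.7",  "10.30.0.8",   5432, False),  # user -> db, was blocked
    ("10.10.9.2",  "10.30.0.8",   22,   True),   # user -> db, got through
    ("10.10.4.7",  "10.10.9.2",   445,  True),   # lateral inside user-lan
    ("10.20.0.15", "203.0.113.9", 443,  True),   # North-South, out of scope
]

def group_of(ip):
    """Return the protection group containing ip, or None if external."""
    addr = ipaddress.ip_address(ip)
    for name, net in GROUPS.items():
        if addr in net:
            return name
    return None

def validate(flows):
    """Return East-West flows that fall outside the allow-list."""
    findings = []
    for src, dst, port, established in flows:
        sg, dg = group_of(src), group_of(dst)
        if sg is None or dg is None:
            continue  # one side is outside the known groups: not East-West
        if (sg, dg, port) in ALLOWED:
            continue
        # A completed handshake means enforcement failed; otherwise the
        # boundary held and the flow is an attempted crossing to alert on.
        kind = "ENFORCEMENT_GAP" if established else "BLOCKED_ATTEMPT"
        findings.append((kind, sg, dg, port, src, dst))
    return findings

if __name__ == "__main__":
    for finding in validate(FLOWS):
        print(*finding)
```

The two finding types map to the two goals in the text: ENFORCEMENT_GAP shows where the deployed controls do not adhere to the ZTA, and BLOCKED_ATTEMPT is the alert for an attempted boundary crossing.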
© 2022 NETSCOUT SYSTEMS, INC. All rights reserved. NETSCOUT, the NETSCOUT logo, Omnis, Guardians of the Connected World, Adaptive Service Intelligence, Arbor, ATLAS, InfiniStream,
nGenius, and nGeniusONE are registered trademarks or trademarks of NETSCOUT SYSTEMS, INC., and/or its subsidiaries and/or affiliates in the USA and/or other countries.
Third-party trademarks mentioned are the property of their respective owners.
SECSB_033_EN-2202 05/2022