Best Zero Trust Network Security Architecture
When computers and networks were in their infancy, progress seemed lightyears away. We are now long past the point of this naïve view of technology and the pace it can accelerate at. As early as 1965, Moore’s law predicted that the number of transistors on a computer chip would double exponentially around every two years. A prescient prediction, but ultimately the accuracy of which even Moore himself must have been surprised by.
Indeed, computer chips have grown in complexity to the point where present-day technology would seem alien to someone from only two decades ago. The potential for computers was always immense as was illustrated by a very rudimentary version of modern-day computers reliably getting humankind to the moon.
How far we’ve come. Now conversations revolve around building colonies on Mars! Of course, we’ve spoken about computers as a singular entity, and they have been responsible for our constant march forward in their own right. However, we would be remiss if we failed to mention one of the most crucia
Of course, most people would understand this better as simply “the internet”. The internet has been essential to our progress as a species, the monumental leaps we’ve taken over the past few decades, and the promise that we see in the future. As computers grew in complexity and capability, so too did networks.
Naturally, where there is good there will always be evil. Networking allowed us to deliver incredible solutions to everyone from consumers to governments to commercial enterprises. However, it also presented risks. Security was a simple matter when networks were simple and one-dimensional, but as already discussed, computers and networks have become extremely dynamic in this day and age.
This means that innovative and smart security is the need of the hour. It isn’t as if security has not always been a concern. When you consider the variety of users for the internet, you’ll see that good security has always been a priority. Especially for entities like the military where secure exchange of information can be of strategic importance.
As with most ambitious goals, it takes a combined effort to reach the goal. Just as with the moon landing, which was a joint effort by the government, the military, the private sector, and the scientific community, network security will also require close cooperation and partnerships. Private tech companies, such as those in Silicon Valley have developed a strong reputation for providing the innovative solutions that such a task requires.
The call to action has been answered – Zero-Trust Network Architecture.
The Need for Better Security Architecture
Before we can discuss what a zero-trust network architecture is, we must first understand the circumstances that have necessitated its need. With networks growing in complexity thanks to the advent of new technologies such as big data, cloud computing, IoT, and mobile internet, the old boundaries that protected networks are quickly fading.
Businesses and entities such as the armed forces require strong boundaries established by closed internal networks. These boundaries ensure that the devices on the network are secure from outside influence. However, closed internal networks also present limitations that businesses and other entities would understandably wish to surpass.
Utilization of big data via cloud computing makes organizations faster, leaner, more efficient, and ultimately more powerful. Given that every organization wishes to make use of these innovations, the old security perimeters are being eroded. This is because these perimeters rely on networks being closed off from the world. As we’ve seen though, the future is headed towards broader, more open networks.
Making use of the Internet of Things is another goal for numerous organizations. Such technologies can increase the scope of what can be done with the available resources. Once again, the security challenges increase too. Under the old security perimeters, you keep all devices within the rigid boundaries of the internal network.
To participate in cloud computing, big data innovations, and IoT applications, devices need to interact with those that are outside of the network. The security perimeters that exist at the moment cannot facilitate this. Neither can they create a situation whereby the devices gain the benefit of leaving their secure bubble while access of external devices to their network is restricted.
The challenge is clear but also further complicated by another dimension to the story – malicious parties. The outlook for network security isn’t very positive either. The frequency and complexity of attacks are rapidly increasing. Attacks on enterprise and closed networks are becoming increasingly aggressive, highly targeted, and incredibly well-organized.
Nor should we forget the internal threats posed by unauthorized data access, unintentional data theft, and mistakes by users. Surprisingly, it is the internal threats that illuminate the biggest problem with current network security protocols – trust. At the heart of the current network security architecture is trust. There is an implicit understanding that the devices on the network can be trusted. Following this line of reasoning, we can see clearly that if even one device on the network poses a security threat, the security of the entire network is compromised.
The exact mechanism of how the device presented a security threat is irrelevant to our discussion. This is because, as we’ve already mentioned, networks are complex enough today that any small detail could create a massive liability. This brings us back to zero-trust network architecture and why so many believe it is the future.
What is Zero Trust Network Architecture?
Let us now take a closer look at zero-trust network architecture. Zero-trust architecture requires the fulfillment of five fundamentals:
- One must assume that the network is hostile at all times.
- There is a constant threat on the network, both internal and external.
- Being on the network is not a sufficient criterion for trust.
- Each device, and user must be authorized and authenticated at every stage.
- Security policies must be flexible and proactive, collecting information from all available data sources.
The above fundamentals should shed light onto what the foundational requirements of a zero-trust network are.
Introducing Calico Enterprise Zero-Trust Network Security
As previously mentioned, the private sector has a huge part to play in helping organizations create safe and secure network environments. We’ve already seen that zero-trust network security architectures are best equipped to tackle the new frontier of information technology.
Tigera is responsible for producing the Calico Enterprise Zero-Trust Network Security platform that takes zero-trust network security principles and implements them for organizations looking to protect themselves from the constant threats in today’s online environment.
Tigera recognizes better than anyone the need for zero-trust security for today’s organizations. The old model has long become obsolete, and Tigera is committed to bringing zero-trust security to everyone. The implicit trust of the old model presented an obvious risk, one that the Calico Enterprise Zero-Trust Network Security platform aims to overcome.
The fundamentals of zero-trust have already been discussed so let’s take a deeper look at how Calico Enterprise Zero-Trust Network Security implements those fundamentals to create a superior network security solution.
A variety of techniques are utilized by the platform, which include identity verification, defense in depth, access limitation, data encryption, and privilege controls. Because of Kubernetes’ open nature, it is more vulnerable to malware than other networks. The cluster can easily be compromised because essentially any pod can connect to another on the same network. As a result, malware can spread quickly and undetected.
The one-time authorization that is a significant feature of the old network security architecture offers insufficient protection in this environment. Real-time and proactive monitoring is required in this case. This is the fundamental requirement of zero-trust policies, wherein each device must be constantly authorized for continued access to the network.
This not only protects cloud assets, but also reduces liabilities and increases the overall strength of the network. Tigera’s Calico Enterprise Zero-Trust Network Security platform offers four key features that distinguish it from the competition:
- Workload Identity: First and foremost, multi-factor authentication via general metadata, network identity, and X.509 certificates applies to all microservices. Even after authentication, access is only given to destinations that the microservice has prior authorization to connect to.
- Least Privilege Access Control: The term access control should be rather self-explanatory. The least privilege part of the equation is what is so unique and great about Tigera’s Calico Enterprise Zero-Trust Network Security platform. It begins with a foundation of no trust for the device and then gradually provides access as required. This not only applies to traffic between microservices but also to the flow of data into and out of the cluster. This broad approach protects the entire infrastructure stack.
- Defense in Depth: We’ve already explained that a foundational part of zero-trust networks is that some part of the network is assumed to be compromised at any given moment. As such, Calico Enterprise Zero-Trust Network Security makes a determination at every connection request. This determination depends on whether the request has been authorized at all three layers – the host, the pod and the container. If even one layer is observed to be compromised, then access is denied, and you are alerted to the issue.
- Data-in-Transit Encryption: When data moves between microservices it is especially vulnerable. Calico Enterprise protects all traffic by encrypting it with mTLS and IPsec encryption.
Requirements of a Zero-Trust Network
There are a few requirements that a zero-trust network must fulfill.
Requirement 1: The very first requirement of a zero-trust network is that all connections must be subject to security protocols. You may think that a connection within the network that isn’t going outside the network does not need to be secured; however, this would go against the foundational principle of a zero-trust network.
Requirement 2: Removing single points of failure in determining a host’s identity. Previous security protocols have treated IP addresses and ports as sufficient proof of identity; however, it is now well-known that these can be spoofed. If the assumption of a zero-trust network is that it always harbors malicious parties, then it is important that the identity of a remote endpoint is always determined using several criteria and not just a one-dimensional approach.
Requirement 3: Any network flow that is expected and allowed is explicitly allowed. Conversely, a connection that fails to meet this requirement is denied automatically.
Requirement 4: In the event that a workload is compromised, measures must be taken to ensure that it does not evade security policies.
Requirement 5: Once again, operating from a position of zero-trust necessitates that there is no distinction between a trusted and an untrusted network path. As such, every connection on the network must be encrypted.
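Requirements 1 and 3 above (every connection is subject to policy, and only expected flows are explicitly allowed) map directly onto network policy in a Kubernetes cluster running Calico. The manifests below are an added example written for this article, not Tigera’s own configuration: a cluster-wide default-deny baseline that leaves only DNS reachable, followed by one namespaced policy that allows a single expected flow. The `shop` namespace, the `app=frontend`/`app=api` labels and port 8080 are assumed values chosen for illustration. Without such policies a cluster is in the state the article warns about, where any pod can reach any other pod.

```yaml
# Added example (not from the page or from Tigera): Calico v3 policies
# implementing "deny by default, allow only expected flows".
# Namespace, label and port values are assumptions for illustration.
apiVersion: projectcalico.org/v3
kind: GlobalNetworkPolicy
metadata:
  name: default-deny-all
spec:
  # A high order value means every more specific (lower-order) policy
  # is evaluated before this one; it only decides what nothing else allowed.
  order: 1000
  # Apply to workloads in every namespace except the system namespaces,
  # so the baseline itself cannot break cluster plumbing.
  namespaceSelector: projectcalico.org/name not in {"kube-system", "calico-system"}
  types:
  - Ingress
  - Egress
  # No ingress rules: a policy that selects a workload but allows nothing
  # results in that traffic being denied (Requirement 1 and 3).
  egress:
  # The one flow every workload legitimately needs: DNS to kube-dns.
  - action: Allow
    protocol: UDP
    destination:
      namespaceSelector: projectcalico.org/name == "kube-system"
      selector: k8s-app == "kube-dns"
      ports:
      - 53
---
apiVersion: projectcalico.org/v3
kind: NetworkPolicy
metadata:
  name: allow-frontend-to-api
  namespace: shop          # assumed namespace
spec:
  # Lower order than the global baseline, so this Allow is matched first.
  order: 100
  selector: app == "api"   # the workload being protected
  types:
  - Ingress
  ingress:
  # The explicitly expected flow: frontend pods to the API on TCP/8080.
  # Anything else reaching app=api falls through to default-deny-all.
  - action: Allow
    protocol: TCP
    source:
      selector: app == "frontend"
    destination:
      ports:
      - 8080
```

Apply both documents with `calicoctl apply -f` (or `kubectl apply -f` where the Calico API server is installed) and confirm the outcome from a third pod in the `shop` namespace: a connection to the API on port 8080 from a pod labelled `app=frontend` succeeds, the same connection from an unlabelled pod times out, and DNS resolution still works from both. The second check matters as much as the first, because the point of Requirement 3 is that an unlisted flow is denied without anyone having to write a rule for it.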
Requirement Implementation by Calico Enterprise
We’ve discussed the requirements of a zero-trust network infrastructure. It is important to know exactly how Calico Enterprise is able to fulfill these requirements, so let’s take a deeper look.
- Multiple Enforcement Points: There are two separate enforcement points that any incoming request to your Kubernetes workload must pass through. The first enforcement point is the host kernel: using iptables at L3-L4, Calico’s policy is enforced in the Linux kernel. If the incoming request gets through this point, it still has to get through the Envoy proxy, where policy is enforced at L3-L7 and each request is authenticated cryptographically. Multiple points of enforcement ensure that a connection request has to validate its identity more than once, ensuring maximum security and minimum risk. In doing so, requirement 4 of a zero-trust network is fulfilled.
- Calico Policy Store: Allowed flows are encoded in an allow-list in the Calico data store. This aims to fulfill the third requirement of zero-trust architecture. As previously mentioned, zero-trust requires a fair bit of flexibility for effective implementation. Calico Enterprise provides plenty of it. Practically speaking, this component allows your network to have capabilities that legacy systems offered, such as zones, in tandem with zero-trust features like allow lists. What’s crucial is that these can be used simultaneously and, if need be, layered on top of each other by maintaining multiple policy documents.
- Calico Control Plane: This feature aims to meet the expectations laid down by the 4th requirement of a zero-trust network. The control plane transfers the policy information to the previously highlighted enforcement points. This ensures that any connection to the cluster must be authenticated and authorized at multiple entry points based on the security policies.
- Istio Citadel Identity System: Networks can be compromised through infrastructure points such as routers or links. To counteract this vulnerability, Tigera Calico Enterprise in tandem with Istio utilizes an Istio component by the name of Citadel. This component fulfills the second and fifth requirements of a zero-trust network by first establishing cryptographic keys that each service account must provide to validate its identity. Next, traffic is also encrypted using this same principle.
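The Citadel-issued identity described above is what lets the Envoy enforcement point authenticate a request cryptographically rather than by IP address (Requirement 2) and encrypt every hop (Requirement 5). The two Istio resources below are an added example for this article, not Tigera’s or Istio’s own configuration: a mesh-wide `PeerAuthentication` that rejects any plaintext connection, and an `AuthorizationPolicy` that admits only the `frontend` service account to the `api` workload. The `shop` namespace, the `app=api` label, the `frontend` service account and the `/orders/` path are assumed values.

```yaml
# Added example (not from the page, Tigera or Istio): mesh-wide mTLS
# plus identity-based authorization. Names and paths are assumptions.
apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
  name: default
  namespace: istio-system   # the mesh root namespace: applies to every workload
spec:
  mtls:
    # STRICT rejects plaintext; PERMISSIVE (the weaker setting) would still
    # accept unencrypted, unauthenticated connections during migration.
    mode: STRICT
---
apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
  name: api-allow-frontend-only
  namespace: shop             # assumed namespace
spec:
  selector:
    matchLabels:
      app: api                # the workload being protected
  action: ALLOW
  # Once an ALLOW policy selects a workload, any request that matches no
  # rule is denied by the sidecar (Requirement 3 at L7).
  rules:
  - from:
    - source:
        # The client's SPIFFE identity, taken from its Citadel-issued
        # certificate during the mTLS handshake, not from its IP or port.
        principals: ["cluster.local/ns/shop/sa/frontend"]
    to:
    - operation:
        methods: ["GET", "POST"]
        paths: ["/orders/*"]
```

A quick way to confirm the effect after `kubectl apply -f`: a request from a pod running under the `frontend` service account returns normally, the same request from a pod with any other service account receives an HTTP 403 from the sidecar, and a client with no sidecar at all cannot complete the TLS handshake. That last failure is the visible sign that STRICT mode is doing its job; a cluster still in PERMISSIVE mode would have answered the plaintext request.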
Frequently Asked Questions
Who is Zero-Trust For?
The answer to this has two layers. The first layer provides the obvious answer – everyone! Of course, this doesn’t paint the entire picture. Almost all businesses and enterprises stand to gain from implementing the zero-trust network infrastructure provided by Tigera Calico Enterprise. However, it can also be argued that it is not the need of the hour for many businesses.
Enterprises like some of the most powerful tech companies do not fit the latter description though. The critical function that such organizations serve for millions of people worldwide means that they cannot take security lightly. Their success also brings them into the spotlight more than many other businesses. This means that they are more likely to be victims of attempted attacks.
There is no shortage of willing parties that would love to carry out an attack on some of the biggest tech companies in the world. As such, zero-trust network architecture has become a pressing need, rather than a flight of fancy that can be acquired when the circumstances are right.
There are organizations that can no longer continue to rely on legacy network security systems though. One of the most obvious candidates for this is the military. This will not come as news to anyone, to be honest, especially those who are closely associated with the armed forces.
The need for strong network security has long been stressed by the military. Of course, this is only natural as well. The organization that is responsible for the security of the nation is expected to be aware of threats on all frontiers. The technological resources of many countries have now reached a point where conflict has entered a new paradigm – cyber warfare. When an entire country’s critical infrastructure relies on networks, it is essential to verify the strength of the security of these networks. Those in the military will be aware of the threats that cyber warfare poses.
Alas, it is not enough to be simply aware and worried about cyber warfare. As the foundational principles of zero-trust have highlighted, hostility must be a fundamental assumption. This means that a response to any threat must be proactive rather than reactive. Threats do not just come in the shape of damage to infrastructure but also to businesses within the United States. A cyber-attack on a U.S. based business is essentially an attack on the country itself and should be treated as such.
Just a few years ago, Sony was attacked by what was later revealed to be foreign hackers. The purpose of the attack was to lodge their discontent with the characterization of a foreign country in an upcoming production.
Military men and women understand that the threats posed by improper network security are real and growing by the day. The attack on Sony only proves that. A foreign actor was able to infiltrate the network of a company on U.S. soil. The rules of engagement on cyber-warfare are still unclear but the need for protection could not be more evident.
Matters are further complicated when we consider the kind of things that require a network to communicate in a military context. Weapons systems are one such item. Concerns have already been raised by the U.S. Government Accountability Office about the growing complexity of cyber threats.
Furthermore, it turns out that most military branches were not adding cybersecurity standards into contracts. This means that third-party contractors could potentially add further vulnerabilities to an already suspect network. One must understand the amount of technology that is required to coordinate a force the size of the United States military.
Add to that knowledge just a general awareness of the dependency that we have on technology, and it becomes clear why many people are concerned about the present situation. Each device poses a threat, each combination of devices only complicates the level of threat and introduces complications to the network security effort.
Not only can this network be easily compromised but if it goes down, fixing it will also be harder. This is because the network is what is allowing for the coordination to occur in the first place. This is why zero-trust is such an essential area of inquiry. The scale at which the U.S. military operates is such that only a security infrastructure that is all-encompassing and uncompromising in its approach will be able to secure it to any satisfactory level.
This is where Tigera Calico Enterprise comes in. We’ve already discussed its efficacy at implementing a zero-trust network infrastructure. Calico Enterprise is flexible and comprehensive in its approach which makes it the ideal candidate to take on the task of implementing a zero-trust network infrastructure for branches of the military.
Partnership with a private organization is not unheard of either. The Air Force, lauded for being one of the only branches of the military to be ahead of the curve on the cyber-security frontier, has recently sought the help of a Silicon Valley-based tech company.
This was achieved through a contract award, the details of which are not publicly available at the moment. The Air Force recognizes the importance of being able to trust the users on your own network and ensuring that no data on the network is compromised.
President Biden has issued an executive order requiring the implementation of zero-trust architecture for Federal civilian agencies. This is a positive step in the right direction that should see more government agencies and other branches of the military seek out private sector assistance in implementing zero-trust architecture.
Benefits of Zero-Trust Architecture
Zero trust is not just an IT fad that is being peddled for personal gain by security and networking infrastructure companies. There are concrete benefits that platforms like Tigera Calico Enterprise offer. Let’s take a look at some benefits of zero-trust network architecture:
The first benefit is that it is possible for the network to be opened up to various stakeholders without the added worry of additional security risks. This is something that wasn’t possible previously. The reason that old architectures cannot do so, is because they create a closed-network. As we’ve already seen, not only do closed networks limit the range of possibilities for a business but they also don’t even guarantee safety. Zero-trust secures the network so comprehensively that organizations no longer need to worry about being an open network. The risks are mitigated in real-time and the organization gets to enjoy the benefits of an open network.
One of these benefits is allowing partners to join the organization’s network and access documents and files that can assist them. These partners can also utilize network resources, such as those required by retailers and suppliers. In essence, what this means is that there is access without a security risk, and the business can enjoy better functionality.
User experience is also enhanced. Being able to consistently be on one network allows users to not have to worry too much about the security risk that they may accidentally be creating. Not only that, but there is also no need to migrate between a corporate or private netw
Another benefit is allowing users who may be in locations where data is normally compromised to access the data on the network. This once again highlights the best thing about zero-trust, the benefits of a normal network are easily available while all the risks are eliminated.
One of the key features of zero-trust is that it is able to control access at various levels. This provides an added layer of security for critical equipment on the network. This can be enterprise applications that reside on the network and if compromised could potentially cost the organization a lot of money. By restricting access, such applications receive much needed security from malicious parties.
Utilizing the Internet of Things always raises concerns that the security of the network may be compromised. Thankfully, zero-trust network architecture can create an isolated enclave for such technology that allows it to be on the network but unable to damage it in any significant way.
For businesses, a particularly useful feature is the ability to allow SaaS applications to connect with internal enterprise software. This is immense because businesses rely heavily on SaaS applications these days. In cases where zero-trust is not present, allowing external applications to interact with enterprise applications could compromise them. Of course, most legacy security network architectures would simply prohibit this. That isn’t a solution ultimately though, and it is refreshing to see that zero-trust allows this. The biggest and most obvious benefit is that the organization will not need to develop its own applications to gain the benefit of the SaaS application that they were using. Thanks to zero-trust you can enjoy the functions of your SaaS applications and the enterprise applications on your network.
Migration to Zero-Trust Network Infrastructure
Having looked at everything there is to know about zero-trust network architecture, there is still the question of moving to one from a traditional network architecture. It is understood that the migration will be riddled with its own set of challenges, and progress will not magically happen overnight.
It is not enough to simply have the implementation of a zero-trust architecture as a goal and completely disregard the environment that it is being implemented in. More than anything, there needs to be an appreciation of existing network arrangements, business and organizational structures and protocols.
If the starting point is a deep understanding of the existing paradigm, then it will become clear that significant planning and coordination will be required to successfully implement a zero-trust network architecture.
No one can deny the very obvious benefits that zero-trust provides, but if it is done without due consideration, the chances of improper implementation increase. The entire point of zero-trust is that it is a carefully constructed and comprehensive system. As such, its implementation should follow careful procedure with clearly defined goals along the way.
Let’s take a look at the ideal methodology for the implementation of zero-trust network architecture.
1. Clear Vision
Any organization will have various internal stakeholders. A single department like the security department cannot hope to achieve the effective implementation of such a system without the support of other departments. In a military context, this means that simply because there is a desire at the higher echelons of the entity, doesn’t mean that constant collaboration with various stakeholders won’t be necessary.
As discussed several times already, zero-trust is not an isolated security policy decision. It is an all-encompassing security philosophy manifested as a network architecture. This means that the approach to implementing zero-trust has to be a strategic goal. By making it an organization-wide goal, the decision-makers ensure that all departments and individuals are on the same page. It is only through this concerted and concentrated effort that such a fundamental organizational change can be achieved.
This is because it will not be easy to acclimate to the new security environment. Users will experience a lot of confusion regarding the change in practices, and some may be openly hostile to the proposition as a result of unclear communication.
Any organizational change is difficult to bring about; however, if a vision is clearly set and all feedback is carefully considered then the process can become a lot smoother. Failure to do so can mean that the project doesn’t even get off the ground.
Admittedly, this is less of a concern for the military than it is for private enterprises. There is an expectation at such organizations that any decision will be fair and democratic. If the security or IT department attempts to implement a zero-trust architecture, but is unable to communicate its need clearly then there may be too much push back.
It is hence critical that those pushing for the implementation of zero-trust know exactly what it is they’re proposing and why it’s essential to the future of the organization.
2. Construct a Plan
As with any strategic goal, planning is an essential component here as well. Planning ensures that all goals, challenges and timelines are clearly understood by everyone. It also ensures that people are able to prepare beforehand for any changes to their daily operations.
The path to zero-trust being implemented completely is crucial. If the plan to get to the goal is not well thought out, the chances of failure increase. The most important consideration is that the zero-trust network architecture should carefully consider the core business and the core product.
This is due to the comprehensive nature of the architecture. Any attempt at implementation means that the entire business’s policies, structures, and products have to be analyzed from top to bottom. This is why planning is so crucial. Planning gives the decision makers a chance to consider everything prior to starting their journey.
Anyone who has worked in business would know that once a process starts, it can be very costly to go back to the drawing board. Resources have been mobilized, commitments have been made, and sometimes products need to be launched. Improper planning can affect all these aspects of zero-trust network architecture implementation.
Furthermore, it is not enough to plan. Ideally the plan will be step-by-step, or as detailed as possible. This is because when undertaking any large-scale project such as this one, there is an assumption that things will go wrong along the way. Not only that, progress markers are important as well to ensure that things are being tracked!
If no one knows when a certain item was due to be completed, then the timeline for the whole process falls apart. The costs of such a mistake can be catastrophic.
3. Graduated Scope
This is one of the essential components of project management, especially for projects of this scale. Zero-trust is an organizational philosophy, which means that it will change pretty much every aspect of the organization. Not only that, its implementation will also have an effect on several organizational scenarios.
This naturally means that all the changes cannot be implemented in one go. Organizations and networks are complex. Two unrelated layers can have a profound impact on one another without anyone ever seeing where the connection is.
This is why when it comes to implementing such a massive change the goal is always to do it in graduated steps. First implement changes in a small part of the organization, see if it works, then graduate to a higher level.
The same principle applies when implementing a zero-trust network architecture. It will not always be obvious or even known how two separate layers in the network are connected. It is hence advisable to roll out the changes, test them and then finalize them in batches. If the changes are rolled out in unison and something goes wrong, it will be impossible to isolate exactly where the problem is arising from.
The process to implement a zero-trust architecture in this way has been hypothesized. The process states that one must follow three main steps to achieve their goal in this regard. First, proof of concept, then application migration, and lastly capability evolution.
Here is an explanation of what this would look like practically. The first step means that the zero-trust architecture will be applied to a small scenario. This should be a medium zero-trust scheme and should deliver the results hoped for when the full rollout happens.
The next step requires that you diversify the application of the zero-trust mechanism to other business areas. This means that as you go further along the process, more and more use cases will be tested out. During this process, you will begin to notice new requirements and considerations that you may have missed during the planning stage. You will now have to optimize the process to address these requirements.
Conclusion for the Best Zero Trust Network Security Architecture
Finally, you should now have enough information to enhance the zero-trust capabilities. This is the capability evolution phase. Zero-trust requires that it is constantly evolving because the nature of the security environment demands it. This is what distinguishes zero-trust and why it is essential that businesses and other organizations utilize it. For the best zero trust network security architecture advice, please contact us today!