Forrester’s “Zero Trust” security model could help prevent insider attacks by eliminating the distinction between a trusted internal network and an untrusted external one.
The increased use of virtualization in production environments and the rising number of cloud computing services are turning the traditional network security model upside down, according to a network security expert and industry analyst.
John Kindervag, a senior analyst with Forrester Research Inc., said the hierarchical, three-tier architecture, in which the core of the network is surrounded by the access layer and the edge, is not going away anytime soon. But the traditional model needs an overhaul, he said.
Kindervag shed light on his vision last month at Forrester’s Security Forum in Boston. Under the new strategy, networks are designed from the inside out. The redesign will help companies embrace what Forrester calls the Zero Trust security model, in which access control is strictly enforced and all traffic, inbound and outbound, is thoroughly inspected.
“Trust is a fundamental problem in information security today,” Kindervag said. “We can change our networks, make them simpler, more secure, more compliant and even cost less.”
Kindervag believes malicious insider attacks and the threat of accidental data leakage could be reined in under the Zero Trust model, but in order to embrace the model completely, traditional network security needs to change.
The redesign starts with a “black box,” a network segmentation gateway that can handle high speeds, with interfaces of up to 10G. The gateway acts like a unified threat management (UTM) appliance, but it does much more than provide firewall, antispam and content filtering: it can add data leakage prevention, intrusion prevention and encryption to the network, he said. Everything running on the network is plugged into one of the 10-gigabit interfaces. Multi-core processing and better, cheaper network processors have made inspection of traffic at high speeds much more efficient, he said.
Each network area plugged into a 10G interface is built as a micro core and perimeter (MCAP) and functions as a mini core switch with its own perimeter built in. All traffic to and from each MCAP is inspected and logged. This is where network analysis and visibility tools are used for network behavior analysis and discovery. The tools give network security pros increased visibility into the network and more effective discovery, flow analysis and forensics capabilities.
Kindervag said the new model is compliant by default. Wireless networks, for example, are compliant by default because they are built as an MCAP with their own outer perimeter and a firewall embedded in the fabric. “The wireless access point can never be bridged to the network core,” he said.
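The following is an added illustration of the segmentation gateway and MCAP model described above; it is not code from the article or from Forrester. It models one gateway with every network area as an MCAP behind it, drops every inter-MCAP flow that no explicit rule allows, logs every decision so analysis tools see all traffic, and includes an audit that rejects any rule set in which wireless could be bridged to the core. The MCAP names, address ranges, rules and the cardholder-data invariant are constructed for the example.

```python
"""
Toy model of a Zero Trust segmentation gateway: every network area is a
micro core and perimeter (MCAP) hanging off one gateway interface, traffic
between MCAPs is dropped unless an explicit rule allows it, and every
decision is logged. MCAP names, prefixes and rules are constructed for
illustration (assumption), not taken from Forrester's design.
"""
import ipaddress
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed MCAP layout (assumption): one prefix per gateway interface.
MCAPS = {
    "users":      ipaddress.ip_network("10.10.0.0/16"),
    "wireless":   ipaddress.ip_network("10.20.0.0/16"),
    "servers":    ipaddress.ip_network("10.30.0.0/16"),
    "cardholder": ipaddress.ip_network("10.40.0.0/24"),
    "core":       ipaddress.ip_network("10.0.0.0/24"),   # core switching / management
}


@dataclass(frozen=True)
class Rule:
    src_mcap: str
    dst_mcap: str
    dport: int
    proto: str = "tcp"


# Explicit allow list; anything not listed is dropped (default deny).
RULES = [
    Rule("users", "servers", 443),
    Rule("wireless", "servers", 443),        # wireless is treated like the internet
    Rule("servers", "cardholder", 5432),     # only the app tier reaches the card DB
]


@dataclass
class Gateway:
    rules: List[Rule]
    log: List[str] = field(default_factory=list)

    def mcap_of(self, addr: str) -> Optional[str]:
        ip = ipaddress.ip_address(addr)
        for name, net in MCAPS.items():
            if ip in net:
                return name
        return None  # address outside every MCAP: untrusted

    def evaluate(self, src: str, dst: str, dport: int, proto: str = "tcp") -> str:
        """Return ACCEPT or DROP for one flow crossing the gateway and log it.

        Flows inside a single MCAP stay on that MCAP's switch and never reach
        the gateway; if one shows up here anyway (e.g. a spoofed source) it is
        dropped, as is anything from or to an address outside every MCAP.
        """
        s, d = self.mcap_of(src), self.mcap_of(dst)
        decision = "DROP"
        if s is not None and d is not None and s != d:
            if any((r.src_mcap, r.dst_mcap, r.dport, r.proto) == (s, d, dport, proto)
                   for r in self.rules):
                decision = "ACCEPT"
        # Every flow is logged, accepted or not, so analysis tools see all of it.
        self.log.append(f"{decision} {s or '?'}->{d or '?'} {src}->{dst}:{dport}/{proto}")
        return decision


def audit(rules: List[Rule]) -> List[str]:
    """Structural checks on a rule set, run before it is deployed.

    The first invariant is the one from the talk: the wireless MCAP can never
    be bridged to the core. The second is a constructed example of the same
    idea applied to a cardholder-data segment (assumption).
    """
    findings = []
    for r in rules:
        if r.src_mcap == "wireless" and r.dst_mcap == "core":
            findings.append(f"wireless bridged to core by {r}")
        if r.dst_mcap == "cardholder" and r.src_mcap != "servers":
            findings.append(f"cardholder reachable from {r.src_mcap} by {r}")
    return findings


if __name__ == "__main__":
    gw = Gateway(RULES)
    print(gw.evaluate("10.10.4.7", "10.30.0.10", 443))     # ACCEPT
    print(gw.evaluate("10.20.9.1", "10.0.0.1", 22))        # DROP: wireless -> core
    print(gw.evaluate("10.10.4.7", "10.40.0.5", 5432))     # DROP: users -> card DB
    print(audit(RULES))                                    # []
    print(audit(RULES + [Rule("wireless", "core", 22)]))   # one finding
    for line in gw.log:
        print(line)
```

The audit is the part worth carrying into a real deployment: the "compliant by default" claim holds only if the segment-to-core prohibition is enforced as an invariant over the rule set rather than left to whoever edits the rules next.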
It could take years before enterprises completely embrace the network model, Kindervag said, adding that it is far from a solidified concept: it needs to evolve, be developed further and then be thoroughly tested by enterprises.
He urged those in attendance to start with smaller projects. Companies can begin by attaching the model to the existing network: a segmented network used for credit card data, for example, can be built using the zero-trust concept and extended over time, he said.
“There are opportunities in the network world to embed security directly into the network,” he said. “With cloud computing and virtualization, we’re in the middle of all these drivers for network refreshes … The old model was designed when we had 10 Mb, not 10G, speeds.”