Zero Trust Security

1. Front Matter

   Pages i-xxiii

   PDF

2. Overview

   1. Front Matter

      Pages 1-1

      PDF

   2. Introduction

      • Jason Garbis, Jerry W. Chapman

      Pages 3-5

   3. What Is Zero Trust?

      • Jason Garbis, Jerry W. Chapman

      Pages 7-18

   4. Zero Trust Architectures

      • Jason Garbis, Jerry W. Chapman

      Pages 19-51

   5. Zero Trust in Practice

      • Jason Garbis, Jerry W. Chapman

      Pages 53-67

3. Zero Trust and Enterprise Architecture Components

   1. Front Matter

      Pages 69-69

      PDF

   2. Identity and Access Management

      • Jason Garbis, Jerry W. Chapman

      Pages 71-91

   3. Network Infrastructure

      • Jason Garbis, Jerry W. Chapman

      Pages 93-103

   4. Network Access Control

      • Jason Garbis, Jerry W. Chapman

      Pages 105-116

   5. Intrusion Detection and Prevention Systems

      • Jason Garbis, Jerry W. Chapman

      Pages 117-126

   6. Virtual Private Networks

      • Jason Garbis, Jerry W. Chapman

      Pages 127-134

   7. Next-Generation Firewalls

      • Jason Garbis, Jerry W. Chapman

      Pages 135-142

   8. Security Operations

      • Jason Garbis, Jerry W. Chapman

      Pages 143-153

   9. Privileged Access Management

      • Jason Garbis, Jerry W. Chapman

      Pages 155-161

   10. Data Protection

       • Jason Garbis, Jerry W. Chapman

       Pages 163-172

   11. Infrastructure and Platform as a Service

       • Jason Garbis, Jerry W. Chapman

       Pages 173-183

   12. Software as a Service

       • Jason Garbis, Jerry W. Chapman

       Pages 185-191

   13. IoT Devices and “Things”

       • Jason Garbis, Jerry W. Chapman

       Pages 193-207

4. Putting It All Together

   1. Front Matter

      Pages 209-209

      PDF

Understand how Zero Trust security can and should integrate into your organization. This book covers the complexity of enterprise environments and provides the realistic guidance and requirements your security team needs to successfully plan and execute a journey to Zero Trust while getting more value from your existing enterprise security architecture. After reading this book, you will be ready to design a credible and defensible Zero Trust security architecture for your organization and implement a step-wise journey that delivers significantly improved security and streamlined operations.

Zero Trust security has become a major industry trend, and yet there still is uncertainty about what it means. Zero Trust is about fundamentally changing the underlying philosophy and approach to enterprise security—moving from outdated and demonstrably ineffective perimeter-centric approaches to a dynamic, identity-centric, and policy-based approach.

Making this type of shift can be challenging. Your organization has already deployed and operationalized enterprise security assets such as Directories, IAM systems, IDS/IPS, and SIEM, and changing things can be difficult. Zero Trust Security uniquely covers the breadth of enterprise security and IT architectures, providing substantive architectural guidance and technical analysis with the goal of accelerating your organization‘s journey to Zero Trust.

What You Will Learn

• Understand Zero Trust security principles and why it is critical to adopt them
• See the security and operational benefits of Zero Trust
• Make informed decisions about where, when, and how to apply Zero Trust security architectures
• Discover how the journey to Zero Trust will impact your enterprise and security architecture
• Be ready to plan your journey toward Zero Trust, while identifying projects that can deliver immediate security benefits for your organization

Who This Book Is For

Security leaders, architects, and practitioners plus CISOs, enterprise security architects, security engineers, network security architects, solution architects, and Zero Trust strategists


 

• Zero Trust
• Zero Trust Security
• Zero Trust Network Security
• Identity-Centric Security
• Security
• Identity
• Software-Defined Perimeter
• Microsegmentation
• BeyondCorp
• Conditional Access
• Perimeter-less Security
• Attribute Based Access Control
• Dynamic Network Security

• Boston, USA

  Jason Garbis

• Atlanta, USA

  Jerry W. Chapman

Jason Garbis is Founder and Principal at Numberline Security, a consulting firm helping enterprises prepare for, define, and execute on effective Zero Trust security strategies. Jason has authored several books, including Zero Trust Security: An Enterprise Guide, and Getting Started With Zero Trust. He is co-chair of the Zero Trust Working Group at the Cloud Security Alliance, and is a frequent speaker at industry conferences. Jason holds a CISSP certification, has a BS in Computer Science from Cornell University, and an MBA from Northeastern. Professionally, he has expertise in the areas of Identity Management, Enterprise Security Architectures, Network Security, and Security Strategy. Previously, he served as Chief Product Officer at Appgate, and held roles at security firms including RSA and Aveksa. 

Jerry W. Chapman is a cyber security professional with a focus on Identity. With over 25 years of industry experience, Jerry has successfully guided numerous clients in the design and implementation of their enterprise IAM strategies, in ways that align with both security and business objectives. As an IAM industry expert, Jerry provides guidance, support, and thought leadership across multiple cybersecurity practice areas, with a focus on positioning Identity as a core component within enterprise security architectures. Jerry is active in the technical working group at the Identity Defined Security Alliance (IDSA), where he was the group’s original Technical Architect. Jerry is a certified Forrester Zero Trust Strategist, has a BS in Computer Information Systems from DeVry University and is currently pursuing a degree in Applied Mathematics from Southern New Hampshire University.

Policies and ethics