Zero-Trust Network Architecture

Perimeter security is dead. Zero-trust replaces it.

Idea

Identity-based, not network-based. Every request authenticates.

Assume breach.

Layers

Identity provider; service mesh or proxy; per-request authz.

Layered authentication.

Migrate

Inventory trust assumptions. Replace incrementally.

Multi-year project.