{"id":6091,"date":"2021-03-04T08:56:17","date_gmt":"2021-03-04T16:56:17","guid":{"rendered":"https:\/\/blogs.infoblox.com\/?p=6091"},"modified":"2024-08-07T12:22:30","modified_gmt":"2024-08-07T19:22:30","slug":"the-national-security-agency-releases-guidance-on-zero-trust-security","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/security\/the-national-security-agency-releases-guidance-on-zero-trust-security\/","title":{"rendered":"The National Security Agency Releases Guidance on Zero Trust Security"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">The National Security Agency (NSA) has just released the Cybersecurity Information brief entitled, <\/span><a href=\"https:\/\/media.defense.gov\/2021\/Feb\/25\/2002588479\/-1\/-1\/0\/CSI_EMBRACING_ZT_SECURITY_MODEL_UOO115131-21.PDF\"><span style=\"font-weight: 400;\">Embracing a Zero Trust Security Model<\/span><\/a><span style=\"font-weight: 400;\">. The Cybersecurity Information brief provides an overview and recommendations for implementing Zero Trust within networks. The Zero Trust security model is a coordinated system management strategy that assumes breaches are inevitable or have already occurred.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">NSA\u2019s recommendations for adopting a Zero Trust mindset, embracing Zero Trust guiding principles, and leveraging Zero Trust design concepts include:<\/span><\/p>\n<h3><i><span style=\"font-weight: 400;\">Adopt a Zero Trust mindset\u00a0<\/span><\/i><\/h3>\n<p><span style=\"font-weight: 400;\">To adequately address the modern dynamic threat environment requires:\u00a0\u00a0<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Coordinated and aggressive system monitoring, system management, and defensive operations capabilities.\u00a0\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Assuming all requests for critical resources and all network traffic may be malicious.\u00a0\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Assuming all devices and infrastructure may be compromised.\u00a0\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Accept and understand that all access to critical resources incur risk and being prepared to perform rapid damage assessment, control, and recovery operations.\u00a0<\/span><\/li>\n<\/ul>\n<h3><i><span style=\"font-weight: 400;\">Embrace Zero Trust guiding principles\u00a0<\/span><\/i><\/h3>\n<p><span style=\"font-weight: 400;\">A Zero Trust solution requires operational capabilities that:\u00a0\u00a0<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\"><strong>Never trust, always verify<\/strong> \u2013 Treat every user, device, application\/workload, and data flow as untrusted. Authenticate and explicitly authorize each to the least privilege required using dynamic security policies.\u00a0\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\"><strong>Assume breach<\/strong> \u2013 Consciously operate and defend resources with the assumption that an adversary already has a presence within the environment. Deny by default and heavily scrutinize all users, devices, data flows, and requests for access. Log, inspect, and continuously monitor all configuration changes, resource accesses, and network traffic for suspicious activity.\u00a0\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\"><strong>Verify explicitly<\/strong> \u2013 Access to all resources should be conducted in a consistent and secure manner using multiple attributes (dynamic and static) to derive confidence levels for contextual access decisions to resources.\u00a0<\/span><\/li>\n<\/ul>\n<h3><i><span style=\"font-weight: 400;\">Leverage Zero Trust design concepts\u00a0<\/span><\/i><\/h3>\n<p><span style=\"font-weight: 400;\">When designing a Zero Trust solution:\u00a0\u00a0<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\"><strong>Define mission outcomes<\/strong> \u2013 Derive the Zero Trust architecture from organization-specific mission requirements that identify the critical Data\/Assets\/Applications\/Services (DAAS).\u00a0\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\"><strong>Architect from the inside out<\/strong> \u2013 First, focus on protecting critical DAAS. Second, secure all paths to access them.\u00a0\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\"><strong>Determine who\/what needs access to the DAAS to create access control policies<\/strong> \u2013 Create security policies and apply them consistently across all environments (LAN, WAN, endpoint, perimeter, mobile, etc.).\u00a0\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\"><strong>Inspect and log all traffic before acting<\/strong> \u2013 Establish full visibility of all activity across all layers from endpoints and the network to enable analytics that can detect suspicious activity.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Visibility and tracking of activity are critical Zero Trust design concepts. Infoblox\u2019s security solution, BloxOne Threat Defense, provides continuous and complete visibility and assessment of all DNS activity. DNS is the cornerstone to the great majority of external communications, especially those that represent a threat to your organization. BloxOne also provides extensive visibility through the IPAM database. IPAM is the administration of DNS and DHCP, which are the network services that assign and resolve IP addresses to machines in a TCP\/IP network. IPAM is a means of planning, tracking, and managing the Internet Protocol address space used in a network. Tools such as DNS and DHCP are used in tandem to perform this task although IPAM will connect these services together so that each is aware of changes in the other (for instance DNS knowing of the IP address taken by a client via DHCP, and updating itself accordingly).<\/span><\/p>\n<p><span style=\"font-weight: 400;\">BloxOne Threat Defense can support your Zero Trust initiatives by:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Using a \u201cwalled garden\u201d approach where devices and users are blocked from accessing malicious or potentially malicious websites.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Enabling a \u201cNo Unknown model\u201d where in addition to any blocked categories, users are not allowed to resolve domains that have no rating at all<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Leveraging machine learning and analytics to detect malicious and potentially dangerous anomalous behavior.\u00a0\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Enhancing other security vendors with data feeds leveraged on other platforms so that other security controls can be better equipped to manage users access to data.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Substantially helping to reduce incident response time, so critical to breaking the attacker\u2019s kill-chain before it can cause further harm, by automatically blocking malicious activity and providing the threat data to the rest of your security ecosystem for investigation, quarantine, and remediation.<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Leverage greater processing capabilities of the cloud to detect a wider range of threats, including data exfiltration, domain generation algorithm (DGA), fast flux, fileless malware, Dictionary DGA, and more, and enforcing protection everywhere- HQ, data center, remote offices, roaming devices.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Reducing the number of alerts to review &#8211; foundational security can remove well over half of the threats before they can get to your firewalls, spread beyond a few endpoints, and overwhelm your other security controls.<\/span><\/li>\n<\/ul>\n<h3><em><span style=\"font-weight: 400;\">Other NSA advisories and technical guidance can be found here:<\/span><\/em><\/h3>\n<ul>\n<li><a href=\"https:\/\/www.nsa.gov\/What-We-Do\/Cybersecurity\/Advisories-Technical-Guidance\/\"><span style=\"font-weight: 400;\">https:\/\/www.nsa.gov\/What-We-Do\/Cybersecurity\/Advisories-Technical-Guidance\/<\/span><\/a><span style=\"font-weight: 400;\">\u00a0<\/span><\/li>\n<\/ul>\n<h3><em><span style=\"font-weight: 400;\">Please find these additional references to Zero Trust on our website:<\/span><\/em><\/h3>\n<ul>\n<li><span style=\"font-weight: 400;\">Zero Trust on our Cybersecurity Frameworks Page:<\/span>\n<ul>\n<li><a href=\"https:\/\/www.infoblox.com\/solutions\/network-security\/cybersecurity-frameworks\/zero-trust\/\"><span style=\"font-weight: 400;\">https:\/\/www.infoblox.com\/solutions\/network-security\/cybersecurity-frameworks\/zero-trust\/<\/span><\/a><\/li>\n<\/ul>\n<\/li>\n<li><span style=\"font-weight: 400;\">Download our Zero Trust white paper here: <\/span><a href=\"https:\/\/info.infoblox.com\/resources-whitepapers-an-introduction-to-zero-trust\"><span style=\"font-weight: 400;\">https:\/\/info.infoblox.com\/resources-whitepapers-an-introduction-to-zero-trust<\/span><\/a><span style=\"font-weight: 400;\">\u00a0<\/span><\/li>\n<\/ul>\n<h3><em><span style=\"font-weight: 400;\">Check out our blogs on Zero Trust:<\/span><\/em><\/h3>\n<ul>\n<li><a href=\"https:\/\/blogs.infoblox.com\/tag\/zero-trust-network-architecture\/\"><span style=\"font-weight: 400;\">https:\/\/blogs.infoblox.com\/tag\/zero-trust-network-architecture\/<\/span><\/a><\/li>\n<li><a href=\"https:\/\/blogs.infoblox.com\/security\/dns-security-is-critical-to-zero-trust-network-architecture\/\"><span style=\"font-weight: 400;\">https:\/\/blogs.infoblox.com\/security\/dns-security-is-critical-to-zero-trust-network-architecture\/<\/span><\/a><span style=\"font-weight: 400;\">\u00a0<\/span><\/li>\n<li><a href=\"https:\/\/blogs.infoblox.com\/security\/dns-privacy-in-the-age-of-zero-trust\/\"><span style=\"font-weight: 400;\">https:\/\/blogs.infoblox.com\/security\/dns-privacy-in-the-age-of-zero-trust\/<\/span><\/a><span style=\"font-weight: 400;\">\u00a0<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">If you want to know more about our products and services, please reach out to us directly via <\/span><a href=\"https:\/\/info.infoblox.com\/contact-form\" target=\"_blank\" rel=\"noopener\">https:\/\/info.infoblox.com\/contact-form<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The National Security Agency (NSA) has just released the Cybersecurity Information brief entitled, Embracing a Zero Trust Security Model. The Cybersecurity Information brief provides an overview and recommendations for implementing Zero Trust within networks. The Zero Trust security model is a coordinated system management strategy that assumes breaches are inevitable or have already occurred. NSA\u2019s [&hellip;]<\/p>\n","protected":false},"author":324,"featured_media":6093,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[2],"tags":[414,405,283,189],"class_list":{"0":"post-6091","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-security","8":"tag-nsa","9":"tag-zero-trust","10":"tag-zero-trust-network-architecture","11":"tag-cybersecurity","12":"entry"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>The National Security Agency Releases Guidance on Zero Trust Security<\/title>\n<meta name=\"description\" content=\"The National Security Agency Releases Guidance on Zero Trust Security. The National Security Agency (NSA) has just released the Cybersecurity Information brief entitled, Embracing a Zero Trust Security Model. The Cybersecurity Information brief provides an overview and recommendations for implementing Zero Trust within networks. The Zero Trust security model is a coordinated system management strategy that assumes breaches are inevitable or have already occurred.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/security\/the-national-security-agency-releases-guidance-on-zero-trust-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The National Security Agency Releases Guidance on Zero Trust Security\" \/>\n<meta property=\"og:description\" content=\"The National Security Agency Releases Guidance on Zero Trust Security. The National Security Agency (NSA) has just released the Cybersecurity Information brief entitled, Embracing a Zero Trust Security Model. The Cybersecurity Information brief provides an overview and recommendations for implementing Zero Trust within networks. The Zero Trust security model is a coordinated system management strategy that assumes breaches are inevitable or have already occurred.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/security\/the-national-security-agency-releases-guidance-on-zero-trust-security\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2021-03-04T16:56:17+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-08-07T19:22:30+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/NSA-2.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"612\" \/>\n\t<meta property=\"og:image:height\" content=\"612\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Michael Zuckerman\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Michael Zuckerman\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/the-national-security-agency-releases-guidance-on-zero-trust-security\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/the-national-security-agency-releases-guidance-on-zero-trust-security\\\/\"},\"author\":{\"name\":\"Michael Zuckerman\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/212816c17be869578ba1574b5fc7abf4\"},\"headline\":\"The National Security Agency Releases Guidance on Zero Trust Security\",\"datePublished\":\"2021-03-04T16:56:17+00:00\",\"dateModified\":\"2024-08-07T19:22:30+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/the-national-security-agency-releases-guidance-on-zero-trust-security\\\/\"},\"wordCount\":851,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/the-national-security-agency-releases-guidance-on-zero-trust-security\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/NSA-2.jpg\",\"keywords\":[\"NSA\",\"Zero Trust\",\"Zero Trust Network Architecture\",\"Cybersecurity\"],\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/the-national-security-agency-releases-guidance-on-zero-trust-security\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/the-national-security-agency-releases-guidance-on-zero-trust-security\\\/\",\"name\":\"The National Security Agency Releases Guidance on Zero Trust Security\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/the-national-security-agency-releases-guidance-on-zero-trust-security\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/the-national-security-agency-releases-guidance-on-zero-trust-security\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/NSA-2.jpg\",\"datePublished\":\"2021-03-04T16:56:17+00:00\",\"dateModified\":\"2024-08-07T19:22:30+00:00\",\"description\":\"The National Security Agency Releases Guidance on Zero Trust Security. The National Security Agency (NSA) has just released the Cybersecurity Information brief entitled, Embracing a Zero Trust Security Model. The Cybersecurity Information brief provides an overview and recommendations for implementing Zero Trust within networks. The Zero Trust security model is a coordinated system management strategy that assumes breaches are inevitable or have already occurred.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/the-national-security-agency-releases-guidance-on-zero-trust-security\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/the-national-security-agency-releases-guidance-on-zero-trust-security\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/the-national-security-agency-releases-guidance-on-zero-trust-security\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/NSA-2.jpg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/NSA-2.jpg\",\"width\":612,\"height\":612,\"caption\":\"(GERMANY OUT) Seal of the National Security Agency NSA of the United States of America (Photo by Probst\\\/ullstein bild via Getty Images)\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/the-national-security-agency-releases-guidance-on-zero-trust-security\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/security\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"The National Security Agency Releases Guidance on Zero Trust Security\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/212816c17be869578ba1574b5fc7abf4\",\"name\":\"Michael Zuckerman\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_324_1628613720-96x96.jpg\",\"url\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_324_1628613720-96x96.jpg\",\"contentUrl\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_324_1628613720-96x96.jpg\",\"caption\":\"Michael Zuckerman\"},\"description\":\"Michael Zuckerman is a seasoned B2B product marketing and marketing strategy consultant with experience in the cybersecurity marketplace. Zuckerman\u2019s domain experience in cybersecurity over the past 10 years includes DNS security, threat intelligence, threat intelligence platforms (TIP), container security, mobile device security, moving target defense, network threat analysis (AI), sandbox, deception technology, cloud access security brokers (CASB), SASE, AI based SIEM, secure collaborative governance, and related technology sets to include data loss prevention (DLP), user and entity behavior analytics (UEBA), and encryption.\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/michael-zuckerman\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"The National Security Agency Releases Guidance on Zero Trust Security","description":"The National Security Agency Releases Guidance on Zero Trust Security. The National Security Agency (NSA) has just released the Cybersecurity Information brief entitled, Embracing a Zero Trust Security Model. The Cybersecurity Information brief provides an overview and recommendations for implementing Zero Trust within networks. The Zero Trust security model is a coordinated system management strategy that assumes breaches are inevitable or have already occurred.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infoblox.com\/blog\/security\/the-national-security-agency-releases-guidance-on-zero-trust-security\/","og_locale":"en_US","og_type":"article","og_title":"The National Security Agency Releases Guidance on Zero Trust Security","og_description":"The National Security Agency Releases Guidance on Zero Trust Security. The National Security Agency (NSA) has just released the Cybersecurity Information brief entitled, Embracing a Zero Trust Security Model. The Cybersecurity Information brief provides an overview and recommendations for implementing Zero Trust within networks. The Zero Trust security model is a coordinated system management strategy that assumes breaches are inevitable or have already occurred.","og_url":"https:\/\/www.infoblox.com\/blog\/security\/the-national-security-agency-releases-guidance-on-zero-trust-security\/","og_site_name":"Infoblox Blog","article_published_time":"2021-03-04T16:56:17+00:00","article_modified_time":"2024-08-07T19:22:30+00:00","og_image":[{"width":612,"height":612,"url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/NSA-2.jpg","type":"image\/jpeg"}],"author":"Michael Zuckerman","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Michael Zuckerman","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infoblox.com\/blog\/security\/the-national-security-agency-releases-guidance-on-zero-trust-security\/#article","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/the-national-security-agency-releases-guidance-on-zero-trust-security\/"},"author":{"name":"Michael Zuckerman","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/212816c17be869578ba1574b5fc7abf4"},"headline":"The National Security Agency Releases Guidance on Zero Trust Security","datePublished":"2021-03-04T16:56:17+00:00","dateModified":"2024-08-07T19:22:30+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/the-national-security-agency-releases-guidance-on-zero-trust-security\/"},"wordCount":851,"publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/the-national-security-agency-releases-guidance-on-zero-trust-security\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/NSA-2.jpg","keywords":["NSA","Zero Trust","Zero Trust Network Architecture","Cybersecurity"],"articleSection":["Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.infoblox.com\/blog\/security\/the-national-security-agency-releases-guidance-on-zero-trust-security\/","url":"https:\/\/www.infoblox.com\/blog\/security\/the-national-security-agency-releases-guidance-on-zero-trust-security\/","name":"The National Security Agency Releases Guidance on Zero Trust Security","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/the-national-security-agency-releases-guidance-on-zero-trust-security\/#primaryimage"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/the-national-security-agency-releases-guidance-on-zero-trust-security\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/NSA-2.jpg","datePublished":"2021-03-04T16:56:17+00:00","dateModified":"2024-08-07T19:22:30+00:00","description":"The National Security Agency Releases Guidance on Zero Trust Security. The National Security Agency (NSA) has just released the Cybersecurity Information brief entitled, Embracing a Zero Trust Security Model. The Cybersecurity Information brief provides an overview and recommendations for implementing Zero Trust within networks. The Zero Trust security model is a coordinated system management strategy that assumes breaches are inevitable or have already occurred.","breadcrumb":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/the-national-security-agency-releases-guidance-on-zero-trust-security\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infoblox.com\/blog\/security\/the-national-security-agency-releases-guidance-on-zero-trust-security\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/security\/the-national-security-agency-releases-guidance-on-zero-trust-security\/#primaryimage","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/NSA-2.jpg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/NSA-2.jpg","width":612,"height":612,"caption":"(GERMANY OUT) Seal of the National Security Agency NSA of the United States of America (Photo by Probst\/ullstein bild via Getty Images)"},{"@type":"BreadcrumbList","@id":"https:\/\/www.infoblox.com\/blog\/security\/the-national-security-agency-releases-guidance-on-zero-trust-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.infoblox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Security","item":"https:\/\/www.infoblox.com\/blog\/category\/security\/"},{"@type":"ListItem","position":3,"name":"The National Security Agency Releases Guidance on Zero Trust Security"}]},{"@type":"WebSite","@id":"https:\/\/www.infoblox.com\/blog\/#website","url":"https:\/\/www.infoblox.com\/blog\/","name":"infoblox.com\/blog\/","description":"","publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infoblox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.infoblox.com\/blog\/#organization","name":"Infoblox","url":"https:\/\/www.infoblox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","width":137,"height":30,"caption":"Infoblox"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/212816c17be869578ba1574b5fc7abf4","name":"Michael Zuckerman","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_324_1628613720-96x96.jpg","url":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_324_1628613720-96x96.jpg","contentUrl":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_324_1628613720-96x96.jpg","caption":"Michael Zuckerman"},"description":"Michael Zuckerman is a seasoned B2B product marketing and marketing strategy consultant with experience in the cybersecurity marketplace. Zuckerman\u2019s domain experience in cybersecurity over the past 10 years includes DNS security, threat intelligence, threat intelligence platforms (TIP), container security, mobile device security, moving target defense, network threat analysis (AI), sandbox, deception technology, cloud access security brokers (CASB), SASE, AI based SIEM, secure collaborative governance, and related technology sets to include data loss prevention (DLP), user and entity behavior analytics (UEBA), and encryption.","url":"https:\/\/www.infoblox.com\/blog\/author\/michael-zuckerman\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/6091","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/users\/324"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/comments?post=6091"}],"version-history":[{"count":4,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/6091\/revisions"}],"predecessor-version":[{"id":8990,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/6091\/revisions\/8990"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media\/6093"}],"wp:attachment":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media?parent=6091"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/categories?post=6091"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/tags?post=6091"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}