Changes

Line 19: Line 19:  
* A segmentation gateway, aka a next-generation firewall, allows traffic or legitimate applications to access the protect surface;
 
* A segmentation gateway, aka a next-generation firewall, allows traffic or legitimate applications to access the protect surface;
 
* The Kipling Method defines a zero trust policy based on who, what, when, where, why, and how; and
 
* The Kipling Method defines a zero trust policy based on who, what, when, where, why, and how; and
* A Zero Trust policy determines who can cross the microperimeter, stops access to protect surfaces by unauthorized users, and prevents sensitive data exfiltration.
+
* A Zero Trust policy determines who can cross the microperimeter, stops access to protect surfaces by unauthorized users, and prevents sensitive data exfiltration. More specifically,
 +
:* the policy engine grants, revokes, or denies user access to requested enterprise resources;
 +
:* the policy enforcement point (PEP) enables, terminates, and monitors connections between users and enterprise resources; and
 +
:* the policy administrator sends commands to the PEP based on policy engine decisions to allow or deny users’ connections to a requested resource.<ref>[https://www.ekransystem.com/en/blog/zero-trust-security-model Zero Trust Security Model, Ekran]</ref>
    
==References==
 
==References==
    
[[Category:Cybersecurity]]
 
[[Category:Cybersecurity]]
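
Review bot: The lead-in "More specifically," added to the Zero Trust policy bullet does not match the three sub-bullets under it, which describe components (policy engine, PEP, policy administrator) rather than elaborate on what the policy determines; a lead-in such as "The policy is applied by three components:" would fit what follows. The sub-bullets would also track the decision flow better in the order engine, administrator, PEP, since the third item states that the administrator sends commands to the PEP based on policy engine decisions. The single reference is a vendor blog attached only to the last sub-bullet, so it is unclear whether it is meant to support all three definitions; place it on the lead-in line if it covers the whole list.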