Changes

Line 42: Line 42:  
====Automation & Orchestration====  
 
====Automation & Orchestration====  
 
Enterprises needed to automate manual security processes to take policy-based actions fast and at scale.
 
Enterprises needed to automate manual security processes to take policy-based actions fast and at scale.
 +
 +
===Difference between Layers 3 & 7===
 +
{| class="wikitable"
 +
! Layer 3  !! Layer 7<ref>[https://www.paloaltonetworks.com/blog/2019/05/network-layers-not-created-equal/ All Layers Are Not Created Equal, Palo Alto Networks]</ref>
 +
|-
 +
| The layer where information is evaluated based only on IP address, port or protocol.  || This layer is much more specific. Information is evaluated based on the application being used.
 +
|-
 +
| It is limited by the lack of information that can be seen. IP addresses can be spoofed. Simple port scans uncover all open ports. Thus, attackers can encapsulate stolen data and exfiltrate them across the open port. The protocol is a metadata tag to help the administrator understand the type of traffic that is supposed to be traversing a specific port.  || The 4th step in the Forrester five-step methodology to a Zero Trust network is to write policy rules for the segmentation gateway based on the expected behavior of the data and the user or applications that interact with that data.
 +
|-
 +
| Adversaries know how to bypass Layer 3 controls || Due to the granularity of the policy, it can only be done at Layer 7.
 +
|}
    
==Advantages & Complications==
 
==Advantages & Complications==
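Review bot: the right-hand cells of the last two table rows do not read as the Layer 7 counterpart of the Layer 3 cell beside them. In row 2, the Layer 7 cell describes the 4th Forrester step (writing segmentation-gateway rules from expected data and user/application behaviour) rather than what Layer 7 evaluation offers, and in row 3 the cell "Due to the granularity of the policy, it can only be done at Layer 7." has no antecedent for "it" inside the cell; the reader has to guess that "it" is the policy writing from the row above. Suggest merging the two into one cell such as "Policy rules for the segmentation gateway are written from the expected behaviour of the data and of the users or applications that use it; that granularity is only available at Layer 7.", and giving the Layer 3 cell in row 3 a closing period. Also in row 2, "encapsulate stolen data and exfiltrate them" should read "exfiltrate it", and the <ref> would be better placed after the sentence it supports than inside the "Layer 7" header cell, where it is attached to the column name rather than a claim.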