| Improved monitoring || Dependence on the policy decision point
| Improved monitoring || Dependence on the policy decision point
+
|-
+
| || Technical Debt (Redesigning, recoding, and redeploying internal applications can be costly and potentially disruptive)
+
|-
+
| || Legacy applications, infrastructure, and operating systems have no concept of least privilege, lateral movement, or dynamic, context-based authentication models
+
|-
+
| || Peer-to-peer (P2P)/mesh network technologies (used in Windows 10, for instance) do not work with access and microperimeter controls.
+
|-
+
| || Large deployments of a zero-trust model, such as that needed for [[Cloud Computing|Cloud]], DevOps, and [[IoT]], are going to be cost-prohibitive.<ref>[https://www.beyondtrust.com/blog/entry/why-zero-trust-is-an-unrealistic-security-model Why Zero Trust is an Unrealistic Security Model]</ref>
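Review bot: Only the last added row (large deployments being cost-prohibitive) carries a <ref>; the three rows added above it (technical debt, legacy applications, P2P/mesh) have no citation. If they come from the same source, attach the reference to each row or use a named ref; otherwise cite them separately. The wording "do not work with access and microperimeter controls" and "are going to be cost-prohibitive" states the source's opinion as fact in the article's voice, so consider attributing both to the cited blog post. All four rows also leave the first cell empty, which is worth confirming renders as intended next to the "Improved monitoring" row.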