Cyberattacks can paralyze a company’s activity in just a few minutes. Certain technological developments in recent years, such as the widespread adoption of IT services in the Cloud and remote work, often from multiple terminal devices – laptop, smartphone, tablet – have enlarged the security perimeter of companies’ IT networks and made it more complex, and the traditional perimeter security model can no longer cover it effectively.
To deal with the new situation, security experts propose an approach called “Zero Trust”, which places distrust at the core of the defense strategy. Through multiple and continuous verifications of any user or equipment, Zero Trust offers protection on many levels, even against advanced threats, including those that have already managed to get past certain cyber security systems in a first stage. To achieve these results, Datanet Systems proposes a unified approach, which integrates Zero Trust solutions with the existing security systems in the organization’s IT network.
To compromise an IT infrastructure, it is enough for a single element of it to be vulnerable. Whether it’s end-user devices – as is often the case – or servers, applications running on their own infrastructure, or services delivered from the Cloud, once the vulnerability is discovered and exploited, the malware spreads rapidly across the network. For example, LockBit – last year’s most active ransomware threat – takes just 5 minutes and 50 seconds to encrypt 100,000 files!
Thus, in less than 6 minutes, an entire IT infrastructure becomes unusable because access to the resources needed to run business processes is blocked. At such a rapid pace and scale, most traditional IT security solutions are outdated, and experienced IT professionals do not have time to react. The Zero Trust security architecture model built on Cisco solutions, recommended by Datanet specialists, offers extensive protection in such situations.
Distrust, a cybersecurity strategy
The basic principle of Zero Trust security architectures is that any user, equipment, application, or service must be considered, from the outset, as potentially hostile and/or compromised. As a result, it must be checked continuously, both when it requests access and after that access has been granted.
Zero Trust brings an important change from the traditional approach, which starts from the premise that anything – users, equipment, or solutions – within the security perimeter is automatically “trustworthy”, with minimal risk of being compromised. However, in the context of the widespread adoption of remote work and cloud services, this working hypothesis is no longer valid. That’s why Zero Trust security architectures replace the classic security perimeter with micro-protection perimeters, which act at any access point to the infrastructure. In addition, Zero Trust introduces a number of additional, multi-level barriers to reduce the attack surface and the effects of compromised equipment, applications, or services.
How Cisco’s Zero Trust architecture works
To cover these requirements as efficiently and completely as possible, and to allow a customized approach, since each organization has its own security needs, Cisco’s Zero Trust architecture has a modular structure that acts on three levels:
1. Users
Cisco Zero Trust integrates solutions that evaluate and establish the level of trust that can be given to each end-user – employee, collaborator, customer, etc. – and the equipment they use.
At this level, Cisco Zero Trust provides:
- Continuous authentication and monitoring of each access request, to provide protection against compromised login credentials and identity theft.
- Monitoring the security posture of terminal equipment, centralized application of contextual policies, and automatic blocking of access from compromised devices.
To cover these needs, one of the solutions recommended by Datanet specialists is Cisco Duo, which secures access to on-premises and cloud environments through multi-factor authentication methods. In addition, Duo checks the security measures applied to the terminal at the time of authentication (such as the operating system version, the patches applied, and how recently the antivirus definitions were updated) and, based on that data, enables specific access policies to be applied. At the same time, through the Single Sign-On (SSO) functionality, Duo secures access to commonly used applications – both from Cisco and from other manufacturers, such as Microsoft, Google, etc. – and, through its proxy architecture, Duo ensures the protection of legacy solutions.
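The decision logic described above, as an added example (not code from Datanet or Cisco, and not Duo's API): every request is evaluated against MFA state and device posture, at login and again on each later request, so a device that drifts out of compliance loses access mid-session. The thresholds, field names and sample devices are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import date, timedelta

# Constructed policy thresholds (assumptions, not vendor defaults).
MIN_OS = (14, 2)                     # oldest OS version still accepted
MAX_AV_AGE = timedelta(days=3)       # antivirus definitions must be this fresh
MAX_MINUTES_SINCE_MFA = 60           # after this, ask for MFA again

@dataclass
class Posture:
    os_version: tuple        # e.g. (14, 4)
    pending_patches: int     # security patches not yet applied
    av_definitions: date     # date of the last antivirus definition update

def posture_failures(p, today):
    """Return the names of the posture checks the device fails."""
    failures = []
    if p.os_version < MIN_OS:
        failures.append("os_outdated")
    if p.pending_patches > 0:
        failures.append("patches_missing")
    if today - p.av_definitions > MAX_AV_AGE:
        failures.append("av_stale")
    return failures

def decide(mfa_ok, p, today, minutes_since_mfa=0):
    """Evaluate ONE request. Nothing is cached from earlier decisions:
    the same checks run at login and on every request after it."""
    if not mfa_ok:
        return ("deny", ["mfa_failed"])
    failures = posture_failures(p, today)
    if failures:
        return ("deny", failures)
    if minutes_since_mfa > MAX_MINUTES_SINCE_MFA:
        return ("step_up", ["mfa_expired"])   # posture fine, identity stale
    return ("allow", [])

# Constructed sample data: the same laptop at login and 20 minutes later,
# after its agent reports missing patches and stale antivirus definitions.
TODAY = date(2024, 5, 10)
AT_LOGIN = Posture((14, 4), 0, date(2024, 5, 9))
DRIFTED = Posture((14, 4), 2, date(2024, 5, 1))

if __name__ == "__main__":
    print(decide(True, AT_LOGIN, TODAY))        # access granted at login
    print(decide(True, DRIFTED, TODAY, 20))     # revoked on the next request
```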
2. Applications and services
The Cisco Zero Trust architecture secures connections to applications and services, as well as communications between them, wherever they run: in on-premises infrastructures, virtualized environments, or the Cloud.
Thus, Cisco Zero Trust delivers:
- Visibility and control over any connection initiated by a user/device to access applications, from the company network or from the Cloud.
- Extended visibility into application architecture, the dependencies between applications, and data flows, regardless of the environment in which they run.
- Monitoring application performance and identifying the causes of malfunctions through advanced diagnostic features.
- Application segmentation – via micro-segmentation technologies that block the lateral movement of threats that have managed to bypass some protection systems.
The solution recommended by Datanet to address the above is Cisco Tetration, an application that continuously collects, correlates, and analyzes millions of data points across the entire infrastructure. With its help, IT administrators can establish specific micro-segmentation rules on application types, workloads, and even ports, can identify dependencies between applications, can check and validate security policies before applying them, etc.
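Validating a micro-segmentation policy before applying it, as an added example (not code from Datanet or Cisco, and not Tetration's rule syntax): a default-deny allowlist is replayed against observed flows to list what enforcement would block and which rules no observed traffic uses. The addresses, segment names, ports and flows are constructed.

```python
# Constructed inventory: workload address -> segment label.
SEGMENT = {
    "10.0.1.10": "web",
    "10.0.2.20": "app",
    "10.0.3.30": "db",
    "10.0.9.99": "workstation",
}

# Default-deny allowlist of (source segment, destination segment, port).
POLICY = {
    ("workstation", "web", 443),
    ("web", "app", 8443),
    ("app", "db", 5432),
}

# Constructed observed flows: (source address, destination address, port).
FLOWS = [
    ("10.0.1.10", "10.0.2.20", 8443),   # web -> app, expected dependency
    ("10.0.2.20", "10.0.3.30", 5432),   # app -> db, expected dependency
    ("10.0.9.99", "10.0.3.30", 5432),   # workstation straight to the database
    ("10.0.2.20", "10.0.3.30", 22),     # app -> db on a port the policy omits
    ("10.0.7.7", "10.0.2.20", 8443),    # source missing from the inventory
]

def dry_run(policy, flows, segment):
    """Replay flows against the allowlist without enforcing anything.

    Returns (blocked, unused): flows that enforcement would drop, and
    rules that matched no observed flow. Unknown hosts map to the
    'unknown' segment, which no rule allows."""
    blocked, used = [], set()
    for src, dst, port in flows:
        key = (segment.get(src, "unknown"), segment.get(dst, "unknown"), port)
        if key in policy:
            used.add(key)
        else:
            blocked.append((src, dst, port))
    return blocked, sorted(policy - used)

if __name__ == "__main__":
    blocked, unused = dry_run(POLICY, FLOWS, SEGMENT)
    for flow in blocked:
        print("would block:", flow)
    for rule in unused:
        print("rule never matched:", rule)
```

Each blocked flow is either a lateral path the policy is meant to stop or a real dependency the rules missed, and that distinction has to be settled before enforcement is switched on.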
3. Workspaces
Cisco Zero Trust allows employees to securely connect to the company’s network from any terminal device and from anywhere, restricting access to devices that do not meet pre-established security requirements.
At this level, Cisco Zero Trust provides:
- Secure access to the organization’s network after verifying the identity of users and the security posture of the devices they use.
- Network segmentation to limit the risk of unauthorized access to data, applications, and services – IT administrators can automate the creation of protection micro-perimeters around end users, equipment, or even application traffic, without the need to change the network design.
- Automation of prevention, detection, and remediation processes throughout the infrastructure.
For this level, the Datanet recommendation is Cisco SD-Access, a solution that improves network visibility, increases security through end-to-end segmentation – by using policies defined by equipment groups and user categories – and streamlines infrastructure management through orchestration and automation, with policy enforcement from a single point.
The advantages of collaborating with Datanet Systems
Developing a Zero Trust security architecture requires a long-term effort and a step-by-step approach. Most companies that have adopted this architectural model have used a hybrid approach, using both Zero Trust solutions and traditional security systems to modernize their IT infrastructure over time.
To benefit fully from Cisco’s recommended solutions, and to make the most of the investments already made in your security systems, Datanet Systems may be the best choice because:
- we are the Cisco partner with the largest team of certified specialists in Romania;
- we have implemented various projects in the field of critical security infrastructures at the local level and beyond;
- we have advanced IT system integrator skills and certified multi-vendor skills.
Also, the Datanet team provides integration services, fast technical support with national coverage, and training regarding the administration of the provided systems.
For more technical and commercial information on the Zero Trust security architecture, recommended Cisco solutions, and Datanet services, please contact us at sales@datanets.ro.
______________________
Note: Original article published on profit.ro.