Zero trust architecture (ZTA) enforces continuous verification, strict access controls, and network segmentation for enhanced security.

Zero trust architecture refers to a security model, created by John Kindervag in 2010, that eliminates the idea of a trusted network inside a defined perimeter, and focuses instead on verifying every user and device before granting access.

ZTA is a powerful, holistic security strategy that secures today’s hybrid multi-cloud environment.

What is Zero Trust Architecture?

A zero trust architecture is a cybersecurity architecture based on zero trust principles, designed to prevent data breaches and limit internal lateral movement. Zero trust assumes no implicit trust. The zero trust architecture is the application of various products, solutions, and services that work together to deliver an ultra-secure environment, upholding the zero trust tenet of “never trust, always verify” in addition to having an “assume breach” mentality.

Why Is Zero Trust Architecture Important?

Zero trust architecture is crucial in modern cybersecurity as it is the practical application of a zero trust model. This model eliminates the outdated notion of a trusted network perimeter and the “trust but verify” approach. Zero trust assumes no implicit trust and promotes a layered security approach. From an access perspective, this means having access controls that are per-request as well as context- and identity-based. Additionally, it includes continuous verification of all users and devices, both inside and outside of the organization, before granting access and throughout the access session.

Key benefits of zero trust architecture include:

  • Enhanced Security: Per-request, contextual app access along with continuous verification and monitoring of all access requests.
  • Reduced Risk: Limits attackers' ability to move laterally within the network.
  • Comprehensive Protection: Secures all enterprise assets, including devices, infrastructure, applications, and cloud components.
  • Regulatory Compliance: Aligns with data protection standards, aiding in compliance.
  • Operational Efficiency: Automates security checks, freeing up resources for strategic tasks.

In summary, zero trust architecture is essential for protecting data, applications, and infrastructure in today’s complex and threat-laden cybersecurity landscape.

How Does Zero Trust Architecture Work?

When implementing a zero trust architecture, it’s critical to note that zero trust is not a single product or solution; rather, it is a combination of products, solutions, and services that work together. There is no need to “rip and replace”; instead, the focus should be on augmenting the existing portfolio.

According to the National Institute of Standards and Technology (NIST), “There are numerous logical components that make up a ZTA network deployment… [which] may be operated as an on-premises service or through a cloud-based service.”

Every zero trust architecture can look different depending on where a business is in its zero trust journey, but two things remain the same: Access is core to any zero trust architecture, and businesses should ensure they have solutions at the key control points of their architectures.

The main components for any zero trust architecture should include:

  1. Authentication
  2. Access control
  3. Advanced threat protection
  4. Application visibility
  5. Application availability

Collectively, this means integrating with identity providers to better enable authentication, implementation and enforcement of identity- and context-aware policies, and conditional access. It also means protecting the entire environment against advanced threats, including encrypted threats (such as malware). There should be visibility into encrypted traffic, how the applications and resources work, and their level of security and trust. And, of course, apps and resources must be available for use and protected from attacks that may limit their availability.
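The per-request, identity- and context-based access decision described above can be sketched as a small policy check that is re-run on every request of a session. This is an added example, not F5 or NIST code; the resource names, users, risk scores, and thresholds are constructed assumptions.

```python
from dataclasses import dataclass

# All names, thresholds and sample requests below are constructed for illustration.
@dataclass(frozen=True)
class Request:
    user: str
    mfa_verified: bool      # identity: strong authentication confirmed by the IdP
    device_compliant: bool  # context: device posture at the time of this request
    source_network: str     # "internal" / "external"; deliberately never grants trust
    resource: str
    risk_score: int         # context: 0 (low) to 100 (high), from a hypothetical risk engine

# Hypothetical per-resource policy: entitled users and tolerated risk.
POLICY = {
    "payroll-app": {"allowed_users": {"alice"}, "max_risk": 30},
    "wiki": {"allowed_users": {"alice", "bob"}, "max_risk": 70},
}

def decide(req):
    """Evaluate a single request and return (allow, reason). Default is deny."""
    rule = POLICY.get(req.resource)
    if rule is None:
        return (False, "no policy for resource")
    if req.user not in rule["allowed_users"]:
        return (False, "user not entitled")
    if not req.mfa_verified:
        return (False, "identity not strongly verified")
    if not req.device_compliant:
        return (False, "device posture failed")
    if req.risk_score > rule["max_risk"]:
        return (False, "risk above threshold")
    return (True, "all checks passed")

def run_session(requests):
    """Continuous verification: every request is re-evaluated, nothing is cached."""
    return [decide(r) for r in requests]

SESSION = [
    Request("alice", True, True, "external", "payroll-app", 10),
    Request("alice", True, True, "external", "payroll-app", 55),  # risk rose mid-session
    Request("bob", True, False, "internal", "wiki", 5),  # on the internal network, non-compliant device
]

if __name__ == "__main__":
    for req, (allow, reason) in zip(SESSION, run_session(SESSION)):
        print(req.user, req.resource, "ALLOW" if allow else "DENY", reason)
```

The second request shows access being withdrawn inside an established session, and the third shows that an internal source network does not substitute for device posture.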

How Does F5 Handle Zero Trust Architecture?

F5 provides solutions at the key control points to ensure zero trust capabilities for nearly any type of architecture. F5 aligns to NIST Special Publication 800-207: Zero Trust Architecture, which provides industry-specific, general zero trust deployment models and use cases that can improve an enterprise’s security posture. Within a generalized zero trust architecture, F5 delivers solutions that support on-premises, cloud-based, and SaaS-based deployment options, which cover authentication, access controls, advanced threat protection, application visibility, and application availability.

Figure 1. Continuous security improvements—F5 and the NIST tenets of zero trust

Learn more about how F5 can meet you where you are today with your zero trust journey.