Network security makes it possible to protect the technological architecture of companies by combining software and hardware tools to deal with threats. However, attackers use increasingly sophisticated inspection techniques to breach security, seriously damaging the continuity of the organization’s services. In recent years, cyber-attacks using advanced mechanisms and knowledge in ethical hacking have increased exponentially. Therefore, the objective of this research is to implement a zero Trust architecture (ZTA) as a solution model to reduce security breaches and respond efficiently to malicious attacks. The methodology used is based on the NIST Cybersecurity Framework, developed by the National Institute of Standards and Technology, which consists of five phases: Identify, Protect, Detect, Respond and Recover. For the emulation of the project, it was performed on the EVE-NG platform and in a real environment. The results show that the ZTA design achieves 80% effectiveness in authentication, 70% traffic review, and attack mitigation through the new security policies. In addition, another important aspect is the reduction of packet loss and the limitation of attack vectors. In conclusion, the Zero Trust architecture allows to strengthen security controls both internally and externally, allowing to manage access to company resources only for authorized personnel. In addition, it facilitates the detection of anomalous behavior to mitigate potential threats.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Implementing a Zero Trust Architecture for Network Security in Corporate IT Enterprises

  • Josue Gutierrez,
  • Wilfredo Ticona

摘要

Network security makes it possible to protect the technological architecture of companies by combining software and hardware tools to deal with threats. However, attackers use increasingly sophisticated inspection techniques to breach security, seriously damaging the continuity of the organization’s services. In recent years, cyber-attacks using advanced mechanisms and knowledge in ethical hacking have increased exponentially. Therefore, the objective of this research is to implement a zero Trust architecture (ZTA) as a solution model to reduce security breaches and respond efficiently to malicious attacks. The methodology used is based on the NIST Cybersecurity Framework, developed by the National Institute of Standards and Technology, which consists of five phases: Identify, Protect, Detect, Respond and Recover. For the emulation of the project, it was performed on the EVE-NG platform and in a real environment. The results show that the ZTA design achieves 80% effectiveness in authentication, 70% traffic review, and attack mitigation through the new security policies. In addition, another important aspect is the reduction of packet loss and the limitation of attack vectors. In conclusion, the Zero Trust architecture allows to strengthen security controls both internally and externally, allowing to manage access to company resources only for authorized personnel. In addition, it facilitates the detection of anomalous behavior to mitigate potential threats.