The NIST National Cybersecurity Center of Excellence (NCCoE) has released the final practice guide, Implementing a Zero Trust Architecture (NIST SP 1800-35). This publication outlines results and best practices from the NCCoE effort featuring work with 24 vendors to demonstrate end-to-end Zero Trust Architectures.
As an enterprise’s data and resources have become distributed across on-premises and multiple-cloud environments, protecting them has become increasingly challenging. Many users need options to access information across the globe, at all hours, across devices. The NCCoE addressed these unique challenges by collaborating with industry participants to demonstrate 19 sample Zero Trust Architecture implementations.
Detailed technical information for each sample implementation can serve as a valuable resource for technology implementers by providing models they can replicate. The best practices and lessons learned from the implementations and integrations can help organizations save time and resources.
Two resources of NIST SP 1800-35 have been released:
- A “High-Level Document in PDF Format” serves as introductory reading with insight into the project effort, including a high-level summary of project goals, reference architecture, various ZTA implementations, and findings.
- A “Full Document in Web Format” provides in-depth details about technologies leveraged, their integrations and configurations, and the use cases and scenarios demonstrated. It also contains information on the implemented security capabilities and their mappings to the NIST Cybersecurity Framework (CSF), NIST SP 800-53r5, and NIST critical software security measures.
Learn more...
