To help organizations enable secure authorized access to resources, the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) launched the Zero Trust Architectureproject. F5 along with our fellow collaborators were selected to work with the NCCoE on this project. Together, we are collaborating with ZTA technology providers to build several example ZTA solutions and demonstrate their ability to provide secure access to corporate resources. The solutions will enforce corporate security policy dynamically and in near-real-time to restrict access to authenticated, authorized users and devices while flexibly supporting a complex set of diverse business use cases involving a remote workforce, use of the cloud, partner collaboration, and support for contractors.
The preliminary draft guide is open for public comment. We encourage anyone with a stake in securing their enterprise to share their expertise with us. Commercial mobile network operators, potential private zero trust network operators, and organizations using and managing zero trust-enabled technology will find this publication of particular interest.
*While the example implementations use certain products, NIST and the NCCoE do not endorse these products. The guide presents the characteristics and capabilities of those products, which an organization’s security experts can use to identify similar standards-based products that will fit with their organization’s existing tools and infrastructure.