Zero Trust Architecture is a Team Sport

Make sure your team members play well with others

The CISA Zero Trust Maturity Model describes zero trust architecture as having five pillars: identity, devices, networks, applications/workloads, and data. Technology manufacturers have created powerful solutions to address the requirements of delivering a zero trust architecture to protect critical systems. Here is an example of the classes of solutions, highlighted in red, superimposed on the CISA maturity model to fulfill the requirements of a complete zero trust architecture: 

To clarify the abbreviations on the graphic, the classes of tools that are combined to deliver a zero trust architecture may include: 

  • IdM/IAM: Identity Management/Identity and Access Management
  • EDR/XDR: Endpoint Detection & Response/Extended Detection & Response
  • DLP: Data Loss Prevention
  • NGFW: Next-Generation Firewall
  • Vuln. Mgmt.: Vulnerability Management
  • IDS/IPS: Intrusion Detection System/Intrusion Prevention System
  • ZTNA: Zero Trust Network Access
  • SASE/SSE: Secure Access Service Edge/Security Service Edge
  • Threat Intel: Cyber Threat Intelligence
  • SIEM/SOAR: Security Information & Event Management/Security Orchestration Automation & Response
  • Microsegmentation: zero trust network microsegmentation

Several vendors who have a robust solution in one of the pillar areas have successfully expanded their offering to encompass at least part of the requirements for another pillar. But it’s an obvious fact that no single vendor completely covers all the requirements for each of the pillars in one solution.  As a born-and-bred New Yorker and Yankees fan, please allow me to quote that historically preeminent cyber security expert, the Great Bambino: 

“The way a team plays as a whole determines its success.”

~ Babe Ruth

The complete strategy for protecting your enterprise will include solutions from more than one vendor. Therefore, your solution providers must be willing to integrate their technology to work together synergistically with other vendors’ products to accomplish the overall goal of protecting the enterprise.  

Some vendors find this uncomfortable from a company culture or technology perspective. The “not invented here” syndrome is a real thing, especially for larger vendors or ones with leading technology in a given pillar. In the game of zero trust cyber security, some players are ball hogs. Others make a better effort to integrate with other technologies to provide customers with a holistic solution.  

ColorTokens is one of the latter. While we are a leader in microsegmentation (as evaluated by Forrester, GigaOm, Gartner, and others), we have made a concerted effort to integrate our Xshield Enterprise Microsegmentation Platform™ with other classes of tools.

ColorTokens’ microsegmentation solution is an essential technology for a zero trust architecture. It prevents the spread of malware or ransomware in the diverse enterprise topology by putting zero trust policy enforcement points as close as possible to the assets and resources—in a much more granular way than traditional VLAN or ACL-based network segmentation. It increases cyber resilience by stopping the spread of malware and ransomware, so a breach does not become a crisis.  

Our enterprise microsegmentation platform goes beyond traditional breach prevention strategies; it makes the enterprise breach ready. This is crucial because recent events tell us that despite all the investments made in perimeter defenses and breach prevention, a breach is inevitable for most organizations. That’s why microsegmentation is a foundational cybersecurity strategy in the networks pillar of the zero trust maturity model, with overlap into the applications & workloads pillar. To help our clients execute a complete zero trust architecture that covers all the pillars, we provide out-of-the-box integrations with technology partners such as:

  • CrowdStrike: we integrate with their EDR agent to simplify deployment
  • Claroty: for discovery & fingerprinting of Cyber-Physical Systems
  • Nozomi Networks:  for discovery & fingerprinting of Cyber-Physical Systems
  • Medigate: for discovery & fingerprinting of IoMT (Internet of Medical Things) devices
  • Armis: for discovery & fingerprinting of OT/IoT devices
  • Netskope: SASE
  • Splunk: SIEM
  • HashiCorp Terraform: Orchestration
  • VMware vSphere: Connectors
  • ServiceNow: Configuration Management Database (CMDB)
  • OAuth 2.0 and SAML 2.0: for user authentication
  • ArcSight: SIEM and vulnerability management
  • Rapid7: Threat Intelligence
  • Nessus: vulnerability management
  • Istio Envoy: Kubernetes service mesh

In addition to the list above, our integration strategy is predicated wherever possible on open-standards interfaces. For example, we use Open Policy Agent (OPA) for traffic enforcement in Kubernetes environments; SCIM, a standard protocol for user information; and CEF (Common Event Format) for integration with SIEM tools. As a result, we can often integrate quickly when a client wants us to work with a technology for which we don’t already have an out-of-the-box connection.

Industry authorities also recognize the importance of integration in delivering zero trust security. In its recent evaluation of 23 solutions from the landscape of microsegmentation vendors, Forrester chose 11 to highlight in the Forrester Wave: Microsegmentation Solutions, Q3, 2024. I’m proud to say that our Xshield platform was one of only four solutions rated Leader in the Wave report. One of the key criteria in Forrester’s evaluation was integrations. They, too, recognize that executing zero trust architecture requires a multi-solution team. That’s why we think it’s notable that we were the only one of the four leaders that was evaluated as superior in third-party integrations:

You can access the full Wave report free of charge here

We believe that playing well with other best-of-breed tools is imperative to our customers’ success, so we have invested in integration with partner technologies. Our goal is for the team to win, so we can keep our customers safe from attacks. So, when you are picking your cyber security team, don’t choose a player who is a ball hog—work with ColorTokens instead. We’re sure the Babe would agree.

You can connect with us at www.ColorTokens.com/contact-us