intelligent

As organisations attempt to carry out broad network transformations , moving to a Zero Trust architecture is a critical initial step . Mohit Bijlani , Head of UK / IRE at Cloudflare , tells us about how Cloudflare ’ s approach differs from other vendors and the most significant risks it helps mitigate .

Zero Trust is a widely discussed approach . How does Cloudflare think about Zero Trust ?

Before discussing Zero Trust , we need to understand how traditional IT security paradigms operate or have operated . With the right traditional IP security models applied , what we recognise as the castle and moat concept , means the network perimeter is considered a relatively safe zone or the ‘ castle ’. Security controls were mainly applied to actors trying to gain access to resources and applications that resided within that network perimeter from the outside . In this case , those who were a part of the organisation within that network perimeter were trusted implicitly and given free rein along with access to almost everything .

In contrast , Zero Trust Security Architecture implies you should trust no one and nothing implicitly . Regardless of where actors are accessing applications or resources from and agnostic of where those resources or applications reside . It is important to understand that this is a common fallacy . People think that Zero Trust is a single product or piece of technology but that is not the case . Instead , it is a framework that comprises several different security principles and technologies with a Zero Trust Network Access , or zip DNA as it is commonly referred to , being the driving principle . The market invariably uses these two interchangeably .

How does Cloudflare ’ s approach to providing ZT security differ from other vendors in this space ?

Firstly , a vendor landscape is typically two buckets – either vendors such as hardware appliance-based vendors , right point solution vendors , such as makers of VPNs , network firewalls or they could be cloud-based vendors who are essentially replicating the same functionality but , in a software-defined and SAS consumable mode , still points solution vendors .

Cloudflare ’ s approach is different in two ways , one being that we have one of the largest networks in the world to deliver security , with