摘要
零信任网络安全已被企事业单位所认可,然而如何进行零信任转型却没有标准的流程可以遵循,基于应用分类和用户角色的零信任落地路径,将零信任转型工作划分为应用隔离、身份认证、统一门户、访问策略、逐步迁移等独立的任务,同时制定连贯的计划来确保各项任务的推进、衡量和评估,确保每个阶段的用户影响最低。这个过程以VPN替换、应用微隔离和构筑统一的安全管理平台为目标,逐渐使远程访问变得更容易、网络管理变得更简单、应用数据变得更安全。基于这个过程,企事业单位可以探索出一条属于自己的零信任成功转型之路。
Zero trust network security has been accepted by enterprises and institutions.However,there is no standard process transferring into zero trust architecture can be followed.Zero trust process based on application classification and user role,makes a coherent plan with independent task step by step including micro segmentation,identity access management,unified portal,strategy management,migration by role,etc.This process aims at VPN replacement,application micro-isolation,and building a unified security management platform,gradually makes remote access simpler,network management easier,and application data safer.Based on this process,enterprises and institutions can explore a successful way of zero trust transformation.
作者
秦益飞
张英涛
张晓东
QIN Yifei;ZHANG Yingtao;ZHANG Xiaodong(Jiangsu Enlink Network Technology Co.,Ltd.,Nanjing Jiangsu 210012,China)
出处
《信息安全与通信保密》
2021年第1期84-91,共8页
Information Security and Communications Privacy
关键词
零信任
微隔离
远程办公
统一门户
零信任转型
零信任落地
zero trust
micro segmentation
telecommuting
unified portal
zero trust transformation
zero trust practice
