“Many organizations nonetheless hesitate to pursue it as a result of they affiliate zero belief with inflexible architectures, operational complexity, and excessive implementation prices,” Wickert says. “That notion is rooted within the legacy days of reassigning IPs, redesigning routing, re-plumbing VLANs, or bodily rewiring environments simply to implement segmentation insurance policies.”
The industry-wide shift to software-defined and cloud-driven information facilities has lifted legacy challenges whereas creating new points within the form of rising coverage and software complexity.
“One of many greatest obstacles to zero belief at scale is now not the infrastructure — it’s the problem of defining, governing, and sustaining insurance policies that adapt throughout hybrid networks, spanning on-prem firewalls, cloud-native controls, SDN, SD-WAN, and SASE applied sciences,” Wickert says. “The simplest approach to overcome these challenges is to shift the main target of segmentation from ‘units and subnets’ to purposes and their connectivity.”
