Implementing a Zero Trust Architecture for Network Security in Corporate IT Enterprises
摘要
Network security makes it possible to protect the technological architecture of companies by combining software and hardware tools to deal with threats. However, attackers use increasingly sophisticated inspection techniques to breach security, seriously damaging the continuity of the organization’s services. In recent years, cyber-attacks using advanced mechanisms and knowledge in ethical hacking have increased exponentially. Therefore, the objective of this research is to implement a zero Trust architecture (ZTA) as a solution model to reduce security breaches and respond efficiently to malicious attacks. The methodology used is based on the NIST Cybersecurity Framework, developed by the National Institute of Standards and Technology, which consists of five phases: Identify, Protect, Detect, Respond and Recover. For the emulation of the project, it was performed on the EVE-NG platform and in a real environment. The results show that the ZTA design achieves 80% effectiveness in authentication, 70% traffic review, and attack mitigation through the new security policies. In addition, another important aspect is the reduction of packet loss and the limitation of attack vectors. In conclusion, the Zero Trust architecture allows to strengthen security controls both internally and externally, allowing to manage access to company resources only for authorized personnel. In addition, it facilitates the detection of anomalous behavior to mitigate potential threats.