Theory
Constructing a Network Defense Paradigm: The Third Zone Network Architecture (3ZAM)
Author(s): Anthony Mazza*
Network protection strategies are in a continued state of refinement, with “defense in depth” the lingering buzz phrase for the industry: a concept of adding security protection at multiple layers rather than relying only on a perimeter firewall. But there are major issues associated with current networking architecture and best-practice DMZ models. Even with an alleged 98.5% security effectiveness when deploying best-of-breed Intrusion Prevention System (IPS) products (factoring in exploit block rates, anti-evasion capabilities, etc.) and Next-Generation Firewalls (NGFWs), network attacks that slip past one security product are likely to slip past another. This paper explores a new network defense paradigm that incorporates Zero Trust Architecture within a Third Zone Architecture Model (3ZAM). 3ZAM recognizes network security as a “process response” to the Lock..