Skip to main content

Zero Trust Architecture

Zero Trust Architecture refers to how policy decision & enforcement points are designed, in accordance with zero trust principles. NIST's definition of Zero Trust Architecture:

But precisely how an organization sets up its security devices around this maxim is not obvious. For this reason, government agencies, think tanks, and companies have made resources available to organizations in the public and private spaces to help them architect their IT environments to support Zero Trust.


Governments, Industry Analysts and think tank guides are vendor-neutral and therefore somewhat less concrete, as compared to the guidance from IT companies, which promote architectures using their products and services.


NIST is a US governmental body. In their special publication 800-207, they diagram zero trust architecture like this.

Read more on NIST Zero Trust..


Cisco's homepage on zero trust. Cisco Secure's portfolio of products and services is significant. In the image below, in green, we can see Cisco's Zero Trust solution for workforce, workplace, and workload.

Read more on Cisco Zero Trust.


Microsoft's Zero Trust hub. Microsoft's Zero Trust white paper.

Read more on Microsoft Zero Trust.


Read more on Zscaler Zero Trust.

Palo Alto Networks

PAN's zero trust homepage. PAN's page on zero trust architecture.

Read more on PAN Zero Trust.