Skip to main content

Palo Alto Networks Zero Trust



A strategic approach to cybersecurity that secures an organization by eliminating implicit trust and continuously validating every stage of a digital interaction.


Zero Trust should be...

  • Comprehensive

    • Zero Trust should never focus on a narrow technology. Instead, it should consider the full ecosystem of controls–network, endpoint, cloud, application, IoT, identity and more–that many organizations rely on for protection.
  • Actionable

    • Implementing Zero Trust isn’t easy, but getting started shouldn’t be hard. Consider what current set of controls can be immediately leveraged. Once your Zero Trust foundation is established, we’ll help you go to what’s next.
  • Intelligible

    • Zero Trust is not a service, it’s a concept – and a simple one at that: trust nothing. Rather than explaining specialized point solutions in geek speak, Zero Trust is easily conveyed to nontechnical executives. Trust nothing, validate everything. Always.
  • Scalable

    • We can’t get you to use our framework if it doesn’t make your enterprise more secure and spend less. Palo Alto Networks offers a lot of products, and while we don’t do it all, we strive to be a resource for your entire Zero Trust journey.


PAN's zero trust architecture is organized around three domains: users, applications, and infrastructure. For each of these domains, it identifies four areas that must be secured: identity, device/workload, access, and transaction.

PAN services map onto this matrix.

The Five Steps to a Zero Trust Network

PAN recommends these best practices for migrating to a zero trust network.

The Role of the SOC

A notable differentiator in PAN's zero trust strategy is that it includes - and even emphasizes the role of - the SOC in an organization's overall security architecture.

Top Resources