See how the Cisco Zero Trust solution aligns to industry analyst Forrester's Zero Trust eXtended (ZTX) model. Cisco Zero Trust is a comprehensive way to establish trust at every point of access, throughout your infrastructure.
Using data from millions of authentications, Duo examines how organizations are enabling work from anywhere, on any device, by implementing controls to ensure secure access to applications.
The Zero Trust eXtended (ZTX) framework enables direct mapping of technology purchases and strategic security decisions to seven core pillars.
What does the technology do that enables data categorization, schemas, isolation, encryption, and control?
What does the technology do to enable the principles of network isolation, segmentation, and ultimately security?
Users: How does the solution secure the people using the network and business infrastructure, and does it reduce the threat that users create?Devices: How does the solution employ device controls, isolation, identification, and inventory?
Does the solution or technology secure areas such as cloud networks, apps and anything else that a business or organization uses to make the business operate technically?
How does the technology or solution automate and orchestrate zero trust principles and empower the business to have more powerful control of disparate systems?
Does the technology or solution provide useful analytics and data points and eliminate dark corners of systems and infrastructure?
The Cisco Zero Trust security architecture helps you secure data by classifying and categorizing data; authorizing user and device access to data; preventing data loss and exfiltration; and encrypting emails and device data.
Monitor data transfers and tag workloads with sensitive data and define access control policies.
Protect data at the point of application access and enforce security best practices like encryption on end users' devices.
Stop data exfiltration and ransomware execution by preventing connections to attackers' servers.
Enforce data encryption and enable remote wipe, integrated network access control, and secure containerization.
Detect threats, better secure sensitive data, and continuously monitor cloud environments with this data loss prevention (DLP) tool.
Prevent data loss, encrypt content, and safeguard sensitive emails at rest and in transit.
Cisco Zero Trust solutions secure all user and device connections across your network, including IoT. Our automated network-segmentation capabilities allow you to set micro-perimeters for users, devices, and application traffic without requiring a network redesign.
Get complete visibility by identifying, classifying, and assembling the necessary context on users and endpoints, including IoT.
Build visibility-based network segmentation and policy control into your security architecture.
Build granular segmentation directly into your network, eliminating the need for complicated infrastructure configurations.
Implement adaptive threat containment to ensure your organization's security posture evolves as threats do.
Ensure policy is enforced close to source on unencrypted traffic, as well as in the network, based on encrypted traffic analytics.
Identify malware in encrypted traffic using network analytics.
Ensure only trusted users and secure devices can access applications, while retaining usability. Cisco Zero Trust verifies trust through strong authentication, continuous endpoint monitoring, and custom security policies to protect every application.
Protect against credential compromise: Verify your users' identities with multifactor authentication.
Gain visibility into access activities: Get visibility into access activity across all locations, devices, and users. Control cloud application access and prevent malicious connections.
Enforce access policies for very application: Set policies based on your organization’s risk tolerance level and requirements.
Provide self-remediation options: Notify users when security controls are not met and prompt them to update.
Protect against email compromise: Detect fraudulent senders while adapting in real time to block phishing attacks and malware.
Provide visibility into all devices: Regardless of management status, get visibility into devices being used to access applications both on and off the network.
Enforce trustworthiness of user devices: Identify risky devices, enforce contextual access policies, and report on device health using an agentless approach or by integrating with your device management tools.
Block access from compromised devices: Protect your network, endpoints and email by identifying threats, while blocking and removing malware.
Block malware: Stop malware before it reaches your devices by blocking access to malicious websites and IP addresses.
Establish controls for devices: Get unified device management for both mobile and desktop environments, to enable seamless onboarding and automated security policy enforcement.
Secure connections for all APIs, microservices, and containers that access your applications, no matter where they're located. Cisco Zero Trust, deployed on-premises or in the cloud, provides a comprehensive way to secure your app stack. Micro-segmentation helps you contain threats and protect against lateral movement.
Have control over every connection from users and devices to both your applications and your network, across a multicloud environment.
Minimize lateral movement for on-premises and multicloud environments.
Enforce application-specific user and device access policies. Flag anomalies using behavioral analysis to reduce your attack surface.
Get clarity into every component and dependency, across any environment, with flow maps.
Deep diagnostic capabilities enable you to identify root cause.
Identify root causes of threats with deep diagnostic capabilities.
Cisco Zero Trust provides insights into vulnerabilities across users, network, endpoint, cloud, and applications. Comprehensive data collation and integrations with third-party data solutions establish and enforce trust at the point of access. Continuous re-evaluation of trust levels makes it easy to adapt policies.
See activities and manage security policy across all parts of the infrastructure to enforce access decisions based on threat detection and meaningful analytics.
Gain contextual awareness across your security ecosystem to help your teams share insights and coordinate responses faster.
Collect, categorize, and correlate device, application, and user data into actionable business insights.
Get by-the-minute security reporting and log capture that can be consumed in a dashboard or exported to third party SIEM and SOAR.
Ingest and analyze telemetry from network devices and capture additional contextual information about the source of potential threats.
Detect and report on security posture of devices and modify policies to mitigate threats such as browser vulnerabilities and OS compromises, ensuring sources meet standards.
Integrating and automating security across your entire IT environment is key for the success of your zero-trust strategy. By automating policy enforcement based on dynamic visibility, you can continually maintain trust and contain threats.
Remediate security threats faster and more precisely with by automating workflows in just a few clicks.
Use pre-built workflows aligned to common use cases or build your own with a no/low-code canvas to eliminate friction in your processes and automate routine tasks.
Block potential malicious devices, URLs and users before they gain access through malware detection, DNS layer security and user fraud alerts.
Get dynamic updates based on indication of compromise (IoC), enable data sharing, policy orchestration, information sharing, and threat response beyond the perimeter.
To support a successful implementation of a zero-trust security approach, Cisco Zero Trust provides a comprehensive portfolio of Cisco Secure solutions and Zero Trust Strategy Service. It also integrates with an ecosystem of other products to provide complete zero-trust security for any enterprise environment.
Simplify your security by connecting the Cisco Secure portfolio and your infrastructure with SecureX, our cloud-native, built-in platform experience.
Zero Trust: Going beyond the perimeter
Cisco named a leader in the 2020 Forrester Zero Trust Wave report
Cisco Zero Trust solution overview
Learn more and get started
Workforce: Zero-trust evaluation guide for the workforce
Demo: Duo secure access
Workplace: Forrester ZTX networks guide
Demo: Secure network
Workloads: Cisco Tetration platform for workload protection data sheet
Demo: Secure workload