domain | zerotrustroadmap.org |
title | A Roadmap to Zero Trust Architecture |
description | This roadmap was built by security experts to provide a vendor agnostic Zero Trust architecture and example implementation timeline. The timeline assumes that an organization is beginning their Zero Trust journey from scratch, but is meant to be useful for all organizations. |
keywords | access, applications, trust, zero, application, security, team, network, data, gateway, private, users, traffic, internet, user, teams, products |
summary | Move the authoritative DNS or a CNAME record to the Application Reverse Proxy Ensure all inbound ports for closed for the applications network Build policies based on user, device and network context to establish who can access the applicationAdd the SaaS application to the SSO provider Create policies to enforce which users are authorized Add the IP address of the Secure Web Gateway instance to the SaaS applications IP Allow List most SaaS apps support IP allowlists in their base security settings Create Secure Web Gateway policies that control which users can access the SaaS application |
upstreams |
cloudflare.com |
downstreams |
microsoft.com, okta.com, pingidentity.com, onelogin.com, cloudflare.com, zscaler.com, yubico.com, jamf.com, kandji.io, crowdstrike.com, sentinelone.com, oomnitza.com, dnsfilter.com, netskope.com, catonetworks.com, aryaka.com, mimecast.com, titanhq.com, amazon.com, google.com, datadoghq.com, splunk.com, solarwinds.com, docontrol.io, cisa.gov, owasp.org, ansible.com, puppet.com, terraform.io |
nslookup | A 172.67.72.150, A 104.26.13.244, A 104.26.12.244 |
screenshot | |
created | 2024-02-26 |
updated | 2024-02-26 |
|
|