Beans, Bullets and Bytes: Realizing the Promise of Zero Trust

Cyber Lines of Communication


Establishing secure cyber lines of communication (CLOCs) to move information across the military operating environment is the operational imperative behind the DoD’s Zero Trust Reference Architecture (RA). The RA identifies 7 principles as guidance across the department as each military department implements zero trust. The first principle: Assume no implicit or explicit trusted zone in networks. As described above, relying on secure network technologies (Virtual Private Networks, Firewalls, Cross-Domain Solutions, etc.) will not protect the information resident on those networks. Each of the other principles builds on the first and provides components that make use of the architecture to deploy a CLOC.



There are a couple of operational use cases that are top of mind in the department today where mission success requires leveraging CLOCs through zero trust. The first is Agile Combat Employment (ACE). The ACE vision requires a lean and light force that is capable of rapidly dispersing throughout an area of responsibility (AOR) with a minimal footprint. Cyber operators typically bring many pallets of information and computing technology (ICT) to establish a forward operating location. The ICT brought forward includes networking hardware, security tools to protect the network, and servers with mission-critical apps. With zero trust establishing CLOCs to securely access cloud-based mission-critical apps, the amount of equipment necessary is dramatically reduced, which makes zero trust a force multiplier for achieving the ACE vision.


So how does zero trust make it possible to reduce the deployable footprint? A cloud-based security solution that operates in-line between the user and the application dramatically shrinks the requirement to leverage hardware security appliances that attempt to secure the network (violating principle #1 in the RA) and protect users. Creating a CLOC through zero trust is essentially creating an HOV lane tha ..
