Issue link: https://insights.oneneck.com/i/1458399
CHAPTER 3 Delivering Consistent Security Using Zero Trust 35 These materials are © 2020 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited. Three core capabilities in a next-generation firewall that enable complete visibility for a Zero Trust architecture include: » Application identification » User identification » Content identification Application identification The first step in application identification is to establish the port and protocol. Next, robust application identification and inspec- tion enables granular control of the flow of sessions through a firewall based on the applications that are being used. Most enterprise network traffic is now encrypted, and attack- ers exploit encryption to hide threats from security devices. This means even businesses with mature, comprehensive secu- rity measures in place can be breached if they aren't monitoring encrypted traffic. FIGURE 3-1: Deep visibility into user, device, network, and application activity is essential to hybrid cloud and data center security.