To obtain the report, please log in to Future Think Tank.
1.1 The rise and development of zero trust architecture
Zero trust architecture is an end-to-end enterprise resource and data security method, including identity (human and non-human entities), credentials, access management, operations, endpoints, hosting environments and interconnect infrastructure.
Zero trust does not mean "no trust". It is closer to "no trust by default", that is, the idea of "building trust from scratch". The zero-trust security system is built around "identity", designed on the principle of least privilege, and performs dynamic identity authentication and authorization based on the risk level of each access.
1.2 The three core components of the zero trust architecture
1.3 The six implementation elements of zero trust - identity authentication
2.1 The zero trust security solution mainly includes four modules
2.2 Main deployment scenarios of zero trust
2.3 Zero trust will bring incremental effects to some security products
2.4 Zero trust will become an important future development direction of the security industry
Zero trust has captured the current pain points of network security users. Zero trust is an important development direction of future network security technology. According to Cybersecurity's survey, the biggest challenge to current network security is that the access ports of private applications are very scattered and internal users have too many permissions. 62% of enterprises believe that protecting ports spread across various data centers and clouds is currently the biggest challenge, and 61% of enterprises are most worried about the problem of too many permissions being given to internal users. These two points are exactly the problems that zero trust focuses on solving. Currently, 78% of network security teams are trying to adopt a zero trust architecture.
3. Investment suggestions
The increasing complexity of enterprise business and the increasing pressure on information security protection have given rise to zero trust architecture.
As enterprises move to the cloud, digital transformation accelerates, and network infrastructure increases, the number of users and devices accessing resources increases rapidly, and the concept of network boundaries gradually blurs; user access requests become more complex, causing enterprise users to be over-authorized; attack methods are becoming more complex, and exposure and attack surfaces are growing, resulting in increased pressure on enterprise security protection. Faced with these new changes, the traditional security protection model, which builds boundaries and divides trust domains by network location, can no longer meet enterprise requirements. By dynamically assessing the identity, permissions, and environment of users and devices and performing minimum authorization, the zero-trust architecture can meet enterprises' security requirements in remote office, multi-cloud, multi-branch, and cross-enterprise collaboration scenarios better than traditional architecture.
The zero-trust architecture involves multiple product components, creating incremental demand for the domestic network security industry.
The practice of zero trust requires a combination of security products, which will create incremental demand for the related products: 1) Unified identity authentication and authority management systems/services such as IAM/IDaaS, to achieve user/terminal identity management; 2) Security gateway: currently, the security gateway based on SDP is an emerging technology direction, but it is still difficult to implement an encrypted traffic proxy for all application protocols. The gateway can also be built through technological upgrades of existing NGFW, WAF and VPN products; 3) Security platform products such as situational awareness, SOC, and TIP are the brains of zero trust, helping to monitor corporate asset status, threat intelligence data, etc. in real time; 4) With the cooperation of EDR, cloud desktop management and other terminal security products, the zero-trust architecture can be extended to terminals and users; 5) Log auditing: aggregate logs from various data sources and conduct audits to provide data for the policy engine. In addition, other products such as Trusted API Agent also play an important supporting role.
The practice of zero trust will promote the security industry’s business model transformation and further increase vendor concentration.
At present, the domestic network security industry has entered a new stage of innovation in product form, solutions and service models after years of accumulation of core technologies. Zero trust is not a product, but a new security technology framework that helps enterprises further improve their protection capabilities by reshaping the security architecture. Under the traditional architecture based on Ethernet, security devices interact relatively little and can be interconnected through standard protocols, resulting in very scattered hardware procurement. However, the practice of zero trust requires security devices to interact with each other and to share data across multi-cloud environments. This accelerates the development of the security industry from stacking security hardware to providing solutions/services, while forming strong stickiness to customers.
We believe that manufacturers with strong R&D capabilities and complete product lines will have increasingly obvious advantages.
Due to the different customer structures in the Chinese and American security markets and the differences in the speed of enterprises’ access to public clouds, the success of American zero-trust SaaS companies still lacks a basis for replication in China.
The bulk of the demand for network security in the United States comes from enterprise customers. These enterprise customers have a high degree of acceptance of public clouds. In the past few years, there has been an obvious trend of cloud migration. According to the "2019 Work Report" released by Okta, Okta customers have an average of 83 cloud applications, and 9% of them have more than 200 cloud applications. In this multi-cloud era, unified identity authentication management for enterprise-level users is difficult, and the boundaries between the enterprise's internal and external networks are extremely blurred. This is the core reason for the development of Okta's zero-trust SaaS business model. At present, domestic network security market demand is mainly concentrated in the government and industries (finance, operators, energy, etc.). These customers currently mainly use private clouds, and the deployment model of network security products has not yet entered the SaaS stage. However, as China's public cloud penetration rate increases in the future and network security expands into the enterprise customer market, zero-trust related SaaS businesses will usher in growth opportunities.
Investment advice:
The deployment model of zero-trust architecture is expected to increase the concentration of the domestic network security market and further help leading manufacturers with strong R&D capabilities and a full line of security products to expand market share and increase user stickiness. We strongly recommend Venustech, NSFOCUS Technology, Sangfor, Nanyang Shares, and suggest paying attention to Science and Technology Innovation Star Qi Anxin and Anheng Information.
(The opinions of the report belong to the original author and are for reference only. Author: China Merchants Securities, Liu Ping, Fan Rui)