The 800-series of NIST's special publications are developed to address and support the security and privacy needs of U.S. Federal Government information and information systems. Entities outside of the U.S. Federal Government may voluntarily adopt NIST’s SP 800-series publications unless they are contractually obligated to do so (e.g., see SP 800-171, “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations”).
The SP 800-207 contains an abstract definition of zero trust architecture (ZTA) and gives general deployment models and use cases where zero trust could improve an enterprise's overall information technology security posture. Zero trust focus on protecting resources (assets, services, workflows, network accounts, etc.), and the network location is no longer seen as the prime component to the security posture of the resource. Elisity Cognitive Trust identity-based microsegmentation and least privilege access solution de-couples cybersecurity from underlying network constraints and accelerates the zero trust journey.
Elisity’s solution architecture supports the NIST Cybersecurity Framework (CSF) and matches the proposed zero trust architecture by utilizing a policy engine and a policy administrator (Elisity Cloud Control Center), policy enforcement points (Elisity Virtual Edge), and policy information points (integrated IDP, CMDB, SIEM, and other platforms).
Elisity uses the customer’s existing switching infrastructure as policy enforcement points and identity and telemetry sources as policy information points. Elisity Cloud Control Center is the cloud-native, cloud-managed, and cloud-delivered administration SaaS that acts as the policy engine and policy administrator. As a result, Elisity accelerates deployment, simplifies management, reduces cost, and delivers a non-disruptive experience.
Get in touch with us about your NIST compliance-related project and learn how you can accelerate it with Elisity Cognitive Trust.