What is Zero Trust?
Bad actors can come from anywhere. Inside your network and outside. In October 2022, Russian President Vladimir Putin threatened the safety and security of the US satellites. The Federal Aviation Administration is investigating the cause of mysterious GPS interference that, starting on October 17, 2022, forced the closure of one runway at the Dallas-Fort Worth International Airport. While these issues are not directly related to Zero Trust, they underline how threats can come from anywhere and the need for Zero Trust. Syncworks’ sync and timing equipment can help defend against attacks that happen from threats within your architecture. The industry is moving rapidly toward a Zero Trust strategy. If you’re looking for guidance on how to get your sync and timing products and equipment to meet this new standard, ask our experts for what you can do to harden your architecture against these oncoming attacks.
If you’re an IT professional in a company rolling out a Zero Trust architecture, you probably have a pretty good idea of what zero trust means in your world. From a wider perspective, here are the two primary concepts to consider:
- Zero trust: a cyber security paradigm that trust is never granted implicitly
- Zero trust architecture: an end-to-end approach to enterprise resource and data security
The motto of zero trust is “never trust, always verify”. That pretty much sums it up.
Chances are that if your organization is rolling out zero trust, it started with Identity and Access Management (IAM) for users. From there, it moved on to devices connected to the network, then to the network itself by implementing strategies such as micro-segmentation, and then on to automation and analytics. These are called the “pillars” of the zero trust model.
The zero trust architecture is a migration from a perimeter-based security model to one where every person and device on the network is authenticated and authorized end to end. If your company is already on this path, this is not news. What may be news though, is the critical role that Trusted Time™ plays in the Zero Trust network. Let’s first start with why time matters.
Why Time Matters
Network-wide time synchronization accuracy and the essential role it plays in network management and security are often taken for granted in managing a network. If you’re not convinced, imagine what would happen if every network device had a different time. Chaos would break out across the network. Log files and network telemetry would be useless. Logs and telemetry time stamps would not correlate. For example, syslogs that would be received in real-time but backdated to the previous week would not be helpful. Dashboards would fault, or at least present incorrect data, and would most likely trigger alarms. Critical processes would either start too soon or too late. Network forensics would be nearly impossible, audits would be meaningless, and video time stamps would be incorrect. Enough said. As you can see, time accuracy across your company’s network is important and it does matter.
Because time is so important, you need to consider the “what, who, where, and when” of the source of time for network time synchronization. Time servers providing the Network Time Protocol (NTP) time stamps are the “what.” If the “who” and “where” are merely an IP address of a time server from the Internet or Internet NTP server pool, then you need to consider the validity and vulnerability of the “when” of the NTP time stamps that are received. This, though, is the topic of a different blog post, since free time from the Internet violates just about every principle of zero trust and cannot be considered trusted time.
What Is Trusted Time™?
Assuming you have a Microchip NTP network time server in your network, zero trust raises two key questions. Is the time implicitly or explicitly trusted? And is the time server itself, as a device connected to your network, compatible with Zero Trust networking technologies?
Trusted Time means the time server is trusted with respect to the accuracy and legitimacy of the time. It also means that it is trusted as a device connected to the network and it is compliant with the company’s security requirements.
A network security team is more interested in a time server’s security features than they are in verifying and validating the time stamp’s accuracy or bandwidth. We sell the Microchip SyncServer® S600/S650 network time servers that offer unsurpassed timing performance, let’s discuss their security attributes.
As the most secure Trusted Time network devices currently available, SyncServer time servers comply with the fundamental pillars of the zero trust model, which include users, devices, network, applications and analytics.
Syncworks delivers the highest level of expertise to every project and offers a complete menu of network synchronization services. If you’re looking for the latest equipment, or for retired products, we can help.
Our team of expert engineers from the telecom industry understands your needs, timelines, and concerns. We bring skills and resources to identify the condition of your existing sync network and discover what it will take to evolve it to support next-generation services.