Posted: 2 Min ReadFeature Stories

Broadcom Joins Forces with NIST NCCoE on Zero Trust Practice Guide

A long-time partnership results in a useful roadmap for implementing Zero Trust

Symantec and VMware are long-time partners to the National Cybersecurity Center of Excellence (NCCoE). The NCCoE, a part of the National Institute of Standards and Technology (NIST), is a collaborative hub where industry organizations, government agencies and academic institutions work together to address businesses’ most pressing cybersecurity challenges. Through this collaboration, the NCCoE develops modular, easily adaptable example cybersecurity solutions using standards, best practices and commercially available technology.

These solutions are documented by the NCCoE across media such as the NIST Special Publication 1800 series, industry-specific papers, videos and interactive guides. The NCCoE also maps capabilities to the NIST Cybersecurity Framework and details the steps needed for another entity to recreate example solutions in part or in full.

Collaborating on Zero Trust architecture

Symantec and VMware are proud to participate in NCCoE’s most recent project on Zero Trust architecture, which applies to a conventional, general-purpose enterprise IT infrastructure and is aligned with the concepts and tenets documented in NIST SP 800-207, Zero Trust Architecture

For this collaborative project, the Symantec product team partnered with 24 technology vendors to demonstrate Zero Trust security strategies as defined in NIST SP 800-207. The goal was to build out end-to-end environments each at different stages of Zero Trust. We referred to those stages as “Crawl, Walk and Run.”

As a group, we worked to build out a comprehensive list of use cases and scenarios to test each lab against to prove either complete or partial support. These were focused on key outcomes such as supporting secure user access regardless of the user’s location or device, protecting organizational assets regardless of their location (on-premises or cloud-based) and limiting the risk of insider threats and breaches.

Symantec’s build-out was categorized as a Software Defined Perimeter (SDP) and SASE platform exercise. To provide this build-out, we leaned on our robust hybrid architecture to offer security controls at the cloud and edge. Core to the solution were Symantec’s Cloud SWG and ZTNA technologies to maintain in-line security while users are accessing resources both in the cloud and on-premise. Critically important for Symantec, we also saw DLP Cloud Detection as a key capability for delivering on the use cases for protecting sensitive corporate data. This gave us granular policy capabilities to differentiate what data can be accessed and how it should be protected.

From NIST: A roadmap to success

As part of this project, NIST has published a complete practice guide describing which technologies were leveraged, how they were deployed and configured, and what the test case outcomes were. The goal of this documentation is to ensure organizations can understand practical ways to achieve Zero Trust with the technologies they already own and what other technologies they may want to consider to address any gaps in their security environment.

In discussing Zero Trust architectures with Symantec customers, often the conversation comes to a crossroads on “how” to actually deliver Zero Trust, as it’s not just a singular set of technologies–it is very much a mesh of controls architected, configured, and deployed in the right way. We are thrilled to have done this work with NIST so we could create tangible plans for achieving Zero Trust in any organization and ultimately delivering better security for the world around us. Check out the NIST Publication on Implementing Zero Trust for insight into how to better implement Zero Trust security in your organization.

Symantec Enterprise Blogs
You might also enjoy
4 Min Read

Roll Out SSE Components Without Getting Rolled Over

Say hello to your Symantec Cloud SWG Agent Traffic Manager (ATM)

Symantec Enterprise Blogs
You might also enjoy
5 Min Read

Securing Your Foundation

Why you need host-based access control

About the Author

Sunjeet Randhawa

Director, Government Affairs & Policy Counsel

Sunjeet is a Director for Government Affairs & Policy Counsel and is based in Washington, D.C. He focuses on U.S. policy and global government partnerships, and manages much of Broadcom Software's operational partnership with the U.S. and other governments.

About the Author

Kyle Black

Technical Director - Information Security

Kyle is currently a Technical Director for the Information Security Group focusing on maturing data protection programs, mitigating insider threats, and bringing together security telemetry to deliver better outcomes to our customers.

Want to comment on this post?

We encourage you to share your thoughts on your favorite social platform.