Adopting zero-trust and micro-segmentation as core design principles can help improve the security posture of your network and attached systems. However, it is important to understand how we got to our current state to understand how these principles can help us.
First, a quick review of current network security architecture. Many organizations have adopted some variation of a zone-based model for network security. The most prevalent model is comprised of some combination of four security zones: Untrusted/Internet, DMZ, Trusted/Internal and Restricted (PCI/etc.). The basic principle is to separate resources into the appropriate zone, and only allow traffic to traverse the zone boundaries through one or multiple security controls, including a firewall.
To read the entire article, please click on https://securityboulevard.com/2019/08/network-security-keys-to-adopting-zero-trust-micro-segmentation/