By John Kindervag
How the Principles of Journalism Help Define Zero Trust Policy
Everyone knows that in order for a news article, blog post or white paper to have any credibility, a writer needs to cover the “who, what, where, when, why and how” of the topic. Without covering these things, the reader is left with a partial story. We can credit Rudyard Kipling for clearly defining these journalistic essentials for us:
I keep six honest serving-men
(They taught me all I knew);
Their names are What and Why and When
And How and Where and Who.
-Rudyard Kipling, Just So Stories, 1902
However, the usefulness of this “Kipling Method” extends far beyond journalistic best practices. For years, I have used the Kipling Method to help companies define policy and build Zero Trust networks. It ensures that security teams are thorough in their definitions and that anyone, including non-technical business executives, can understand cybersecurity policies due to the simplicity of the approach. Given that the first design principle of Zero Trust is to focus on business objectives, this method is particularly useful.
Policy at Layer 3 vs. Policy at Layer 7
In order to actually apply the Kipling Method and build a real Zero Trust architecture, you need to understand why it cannot be done with Layer 3 technologies.
First, what is the difference between Layer 3 and Layer 7? Layer 3 is the layer where information is evaluated based only on IP address, port or protocol. It is severely limited by the lack of information that can be seen. IP addresses can be spoofed. Simple port scans will uncover all the open ports so that the attacker can encapsulate stolen data and exfiltrated across the open port, and the protocol is really just a metadata tag to help the administrator understand the type of traffic that is supposed to be traversing a specific port. Most importantly, ALL adversaries know how to bypass Layer 3 controls. You need to be able to define things with higher fidelity to keep your company secure.
Layer 7 is much more specific. It is where information is evaluated based on the actual application that’s being used (for example, defining Facebook as a unique application rather than traffic running across ports 80 and 443). While at Forrester, I created a five-step methodology to a Zero Trust network. The fourth step states that you need to write policy rules for your segmentation gateway based on the expected behaviour of the data and the user or applications that interact with that data. This is what the Palo Alto Networks Next-Generation Firewall, serving as a segmentation gateway in a Zero Trust environment, allows you to do, and due to the granularity of the policy, it can only be done at Layer 7.
The Kipling method has been designed to help both business leaders and security administrators define granular, Layer 7 policies using the simple who, what, when, where, why and how methodology given to us by Rudyard Kipling. Individuals who have never considered writing firewall policy can easily understand this methodology and help define the criteria necessary to create a rule set for your segmentation gateway.