The Defense Intelligence Agency (DIA) has developed a specific definition for Zero Trust. EnGarde has the most complete end-to-end Zero Trust solution available.

The first area defined by the DIA is management of the user. The user is authenticated by multi-factor authentication, users are granted least privilege access, the passwords are vaulted and traffic and the user are continuously determined to be authentic. Unknown users or anomalous traffic are blocked and administrators notified as determined by preference. EnGarde meets all requirements of the DIA and is rated Advanced.

The second area is management of devices. Devices are inventoried, registered and managed for compliance. Patching and updates are enforced. EnGarde provides OSI layer 2 point-to-point secure remote access that is not a VPN. EnGarde meets all requirements of the DIA and is rated Advanced.

The third area is management of workloads. Applications are inventoried and virtualized. Development environments must be managed with session keys. Finally, environments are fully virtualized. All of these are enabled. In Engarde, encrypted traffic is not only managed and segregated by user and by session, but different keys are established for each direction of the secure connection. EnGarde meets all requirements of the DIA and is rated Advanced.

The fourth area is management of data. Data is mapped and paths determined. Data is classified and access is segmented. DLP, DRM and Encryption implemented. EnGarde is incorporating a separate licensable component that offers data mapping and categorization and provides DLP. Data-at-rest encryption is enforced in conjunction with the standard in-transit encryption. In the next release, EnGarde will meet all requirements of the DIA and will be rated Advanced.

The fifth area is management of the network/environment. The network is fully micro-segmented and encrypted. EnGarde provides this full micro-segmentation and certified encryption at ISO layer 2 and EnGarde meets all requirements of the DIA and is rated Advanced.

The sixth area is management of automation/orchestration. This management should identify and automate processes. The sixth track is the only track where EnGarde is not currently offering a direct solution. EnGarde works and secures products that operate in this area and will complement these products by securing these products.

The seventh area is visibility/analytics. This requirement requires the system to log all traffic and feed to the Security Information and Event Management System (SIEM). EnGarde uses this data for analytics and uses this data to shape policies. EnGarde logs all data and feeds to any SIEM system. EnGarde uses this data for anomaly detection and uses a learning model to develop policies based on traffic and logs. EnGarde meets all requirements of the DIA and is rated Advanced.