The NIST National Cybersecurity Center of Excellence (NCCoE) has released the initial public draft practice guide, Implementing a Zero Trust Architecture (NIST SP 1800-35), for public comment. This publication outlines results and best practices from the NCCoE effort to work with 24 vendors to demonstrate end-to-end zero trust architectures.
Two resources of NIST SP 1800-35 have been released. One is the “High-Level Document in PDF Format,” which serves as introductory reading with insight into the project effort including a high-level summary of project goals, reference architecture, various ZTA implementations, and findings.
The “Full Document in Web Format” provides in-depth details about technologies leveraged, their integrations and configurations, and the use cases and scenarios demonstrated. It also contains information on the implemented security capabilities and their mappings to the NIST Cybersecurity Framework (CSF) versions 1.1 and 2.0, NIST SP 800-53r5.
The public comment period for this publication has closed; thank you to everyone who submitted their feedback.