The Zero Trust Architecture (ZTA) team at NIST’s National Cybersecurity Center of Excellence (NCCoE) has
published volume B of a preliminary draft practice guide titled “Implementing a Zero Trust Architecture” and is
seeking the public’s comments on its contents. This guide summarizes how the
NCCoE and its collaborators are using commercially available technology to
build interoperable, open standards-based ZTA example implementations that
align to the concepts and principles in NIST Special Publication (SP) 800-207,
Zero Trust Architecture. As the project progresses, the preliminary draft will
be updated, and additional volumes will also be released for comment.
As an enterprise’s data and resources have become distributed
across the on-premises environment and multiple clouds, protecting them has
become increasingly challenging. Many users need access from anywhere, at any
time, from any device. The NCCoE is addressing these challenges by
collaborating with industry participants to demonstrate several approaches to a
zero trust architecture applied to a conventional, general purpose
enterprise IT infrastructure on premises and in the cloud.
We Want to Hear from You!
The NCCoE is making volume B available as a preliminary draft for
public comment while work continues on the project. Review the preliminary
draft and submit comments online on or before August 8th, 2022.
We welcome your input and look forward to your comments. We invite
you to join nccoe-zta-coi@list.nist.gov to receive
news and updates about this project.
– Zero Trust Architecture Project Team