NIST SP 800-207A

Get guidance for Zero Trust at runtime. Co-authored by Zack Butcher, Tetrate founding engineer.

Setting the Standards for Zero Trust

Tetrate works with the National Institute of Standards and Technology (NIST) to define and promote the federal guidelines for Zero Trust. NIST SP 800-207A is now in public review and provides organizations with systemic guidelines for updating network and microservices security using a service mesh. Other publications in the SP 800-204 series, co-authored by Tetrate founding engineer Zack Butcher, include:

SP 800-204A

Building Secure Microservices-based Applications Using Service-Mesh Architecture

SP 800-204B

Attribute-based Access Control for Microservices-based Applications Using a Service Mesh

SP 800-204C

Implementation of DevSecOps for a Microservices-based Application with Service Mesh

Zero Trust and NIST 800-207

In response to the increasing number of high-profile security breaches, the Biden administration issued Executive Order 14028 mandating that U.S. federal agencies adhere to NIST 800-207 as a required step for Zero Trust implementation. With this mandate, the federal government is signaling that Zero Trust is essential to combating today’s cybersecurity challenges. As a result, the standard has gone through heavy validation and input from a range of commercial customers, vendors and government agency stakeholders, which is why SP 800-207 is now considered the de facto standard for the enterprise as well.

Zero Trust addresses the following key principles based on the NIST guidelines:

Security-first design principles

These include isolated network virtualization, granular separation of duties and least-privilege access, with built-in security to reduce risk.

Continuous verification

Continuous verification means no trusted zones, credentials, or devices at any time. Always verify access, all the time, for all resources.

Automate context collection and response

Automate threat mitigation and remediation to reduce complexity and prevent human error. Incorporate behavioral data and get context from the entire IT stack (identity, endpoint, workload) for the most accurate response.

Limit the “blast radius”

Minimizing the impact of a breach is critical. Zero Trust limits the scope of credentials or access paths for an attacker, giving time for systems and people to respond and mitigate the attack.

Achieving Zero Trust Security with a Service Mesh

At Tetrate, we align to the NIST 800-207 principles for Zero Trust. Tetrate’s industry-leading Application Networking and Security Platform, built on open source Istio and Envoy, enables any organization to adhere to best practices such as reducing implicit trust boundaries and implementing individual API gateways for each service, as suggested by CISA and NIST. With Tetrate, organizations can implement a Zero Trust approach across devices, endpoints, apps, network and data while maintaining the level of security they need: one that trusts nothing and authenticates and authorizes everything. With Tetrate you can:

Enable Zero Trust at Scale

Zero Trust removes all implicit trust and continuously validates every stage of digital interactions enterprise-wide.

Simplify Infrastructure

Zero Trust creates an opportunity to rebuild security to meet digital transformation goals while reducing overall security complexity.

Gain Visibility & Control

Zero Trust improves visibility into an organization’s users and activity to accelerate threat detection and response.

Strengthen Cyber Resilience

Set granular security policies to limit the scope of attacks, speed response, and stop breaches and ransomware from spreading.

Start Your Zero Trust Journey with Tetrate

Learn how Tetrate products can help with your Zero Trust journey across all your cloud and network environments.