From the course: Understanding Zero Trust
Designing a policy engine
- [Instructor] The policy domain, which contains the policy decision point and policy enforcement point, is sometimes referred to by vendors as a policy engine. This is the heart of a zero trust solution, where the trust of all subjects in the deployment is evaluated and where device configuration rules are created. The policy engine takes feeds from a monitoring subsystem and analyzes them to adjust the trust of devices and users using a trust algorithm. While RFC 2753 provides a framework for policy-based admission control, it doesn't specify the trust algorithm. While in time standardized trust algorithms may emerge, for now zero trust vendors are developing their own. In addition to the trust algorithm, which brings together the data into usable metrics, we would expect the policy engine to include the following components: a directory of subjects, including autonomous entities, with attributes which could impact their trust…