Zero trust is maturing as a mainstream security best practice to minimize uncertainty by enforcing accurate, least-privileged access to information. This has become particularly relevant over the past few years, with a growing number of remote workers accessing cloud apps outside the traditional network.
No single vendor solution exists today to attain conditional access from edge to cloud. Intel with CrowdStrike and Zscaler demonstrate how multiple vendors working together can help solve information technology (IT) challenges to implement a comprehensive zero trust strategy.
Cybersecurity standards organizations, such as the National Institute of Standards and Technology (NIST), have published guidance on zero trust architecture and implementation guides to support adoption. According to a recent Forrester’s Business and Technology Services Survey, 2022 1, over two-thirds of European security decision-makers are developing zero trust strategies.
The challenge for IT providers is the expansive scope of zero trust and access to resources determined by a dynamic policy. This includes the observable state of device identity, device health, application and service trust, as well as hardware-defined inputs. This is where the role of hardware-assisted security can enhance and accelerate the value of zero trust.
The added value of hardware and software working together in a zero trust approach is recognized by IT professionals. Key findings from a recent Ponemon Institute study2 indicate that organizations are looking to integrate hardware-based security solutions into their zero trust strategies. Of the 36% of organizations using hardware-assisted security solutions, 32% of respondents have implemented a zero trust infrastructure strategy, and 75% of respondents expressed increased interest in zero trust models as the remote workforce grows.
Solutions Available Today
CrowdStrike and Zscaler have integrated hardware security into their solutions so customers receive hardware-assisted benefits right “out of the box.”
“The integration of our Intel® vPro threat detection optimizations for CrowdStrike, with the Intel® Xeon-based optimizations powering Zscaler’s Zero Trust Exchange, will help corporations get more out of their existing security investments and improve their security outcomes, said Rick Echevarria, vice president, sales and marketing group, general manager security at Intel. “Our work with CrowdStrike and Zscaler is a great example of the power of collaboration in addressing the biggest challenges our customers are facing in a continuously evolving threat landscape.”
Intel delivers hardware optimizations with the CrowdStrike Falcon® platform and the Zscaler Zero Trust Exchange™. Joint customers benefit from the acceleration of cross platform threat protection insights and remediation, in addition to endpoint risk scoring and adaptive network policies for conditional access to cloud apps:
- Device Health Scoring: CrowdStrike utilizes Hardware Enhanced Exploit Detection (HEED) and Intel® Threat Detection Technology (Intel® TDT) for accelerated memory scanning, only available on Intel® Core™ and Intel® vPro® PCs, to uncover early indicators of file-less attacks. According to the CrowdStrike 2023 Global Threat Report, fileless attacks make up 71%3 of all attack entry methods. Additionally, CrowdStrike realizes up to a 7 times4 boost in memory scanning performance from Intel hardware.
- Cross-Platform Zero Trust Insights: The CrowdStrike Falcon platform generated risk score via its Zero Trust Assessment (ZTA) with Intel’s hardware metadata relayed to Zscaler through the Zero Trust Exchange APIs and Zscaler Client Connector for conditional network policy enforcement.
- Secure Access Service Edge (SASE) Connectivity Acceleration: To address the scale of remote user access to a cloud resource via a SASE point of presence, Intel and Zscaler optimized SASE components with Intel® Xeon® Scalable processors and accelerators such as Intel® QuickAssist Technology. Data plane acceleration including packet processing and cryptography acceleration, AI acceleration for network and security sanitization, delivers a transparent experience for users connected via Zscaler.
- Hardware Assisted Remediation: Network Indicator of Compromise (IOC) data and CrowdStrike’s fileless attack detection with Indicator of Attack (IOA) data can be combined with Intel’s hardware-detected threat metadata to isolate impacted PCs and perform response actions.
“CrowdStrike is pioneering AI-powered advanced threat detection and response capabilities that leverage Intel’s hardware technologies. Our partnership with Intel and Zscaler is critical for protecting our joint customers against modern attacks through a combination of hardware, cloud platform and human expertise,” said Michael Rogers, vice president of alliances at CrowdStrike.
Evolution and Industry Alignment
To help address knowledge gaps, Intel published its zero trust reference architecture in October 2022. In parallel, Intel has worked closely to hardware-optimize leading SASE, EDR, and Identity software partners that are commonly deployed together by customers to realize the benefits of zero trust. After successful customer deployments, Intel will work with CrowdStrike, Zscaler and other partners to publish updated and new reference architectures including emerging usage models.
The new reference architectures will help customers understand the enhanced use cases, configuration steps and specific Intel® vPro® and Intel® Xeon® Scalable processors capabilities and related accelerators.
1 Forrester’s Business And Technology Services Survey, 2022 and Zero Trust Comes Into
The Mainstream In Europe, by Tope Olufon with Paul McKay, Zaklina Ber, Jen Barton, March 1, 2023
2 Security Innovation: Secure Systems Start with Foundational Hardware, Ponemon Institute, 2022, sponsored study by Intel
4 Based on offload memory scanning to the integrated GPU via Intel TDT API, which results in a 3-7x acceleration over CPU scanning methods
Performance varies by use, configuration and other factors. Learn more on the Performance Index site.
Performance results are based on testing as of dates shown in configurations and may not reflect all publicly available updates. See backup for configuration details. No product or component can be absolutely secure.
Your costs and results may vary.
Intel technologies may require enabled hardware, software or service activation.
Intel does not control or audit third-party data. You should consult other sources to evaluate accuracy.