Definition: What is Zero Trust?

What is Zero Trust?

Zero Trust is an approach to networking where you simply choose not to trust your underlying network.

In a traditional network, you build your local network and allow any node on that network to talk to any other node on the network. For this to work, you have to trust every device on your local network. Then you install a Firewall to protect your local network from the outside world of the Internet. If you need to communicate with devices out on the Internet, you implement rules on the Firewall to allow or deny this. Or, you implement a traditional VPN to allow people in.

In a Zero Trust network, you simply do not trust your underlying network. Instead, you install local network encryption software on each node of the network and define who is allowed to talk to whom on a node-by-node basis. This is usually done by the software in a central repository.

The advantages of Zero Trust are many. First of all, you can now treat your local network as a generic utility. Network configuration and maintenance become much simpler. Also, you blur the distinction between inside and outside your network. This allows devices to roam the outside world (i.e. travel or work remotely) without compromising security since traffic between nodes is always encrypted.

The 2hO Network is a tool that can be used to easily create Zero Trust networks. Once the 2hO software is installed on each node, all traffic between your nodes is always encrypted. This happens whether they are on your local network, outside on the Internet, or straddling the two.

The 2hO software automatically manages all of the encrypted connections ensuring you always have connectivity to your other nodes, even when you roam. If your laptop moves from your office to a hotel, the 2hO software automatically reconfigures itself to keep you connected. If you can surf the web, your connections will be there.

Unlike a traditional VPN, the traffic between your devices will take the fastest route. Your encrypted traffic does not pass through our servers. And the speed will be as fast as the Internet will allow.