I was told that zero trust removes the need for traditional network security.
However, I still see recommendations for segmentation and firewall rules.
I’m trying to understand why network controls are still needed in a zero-trust setup.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I was told that zero trust removes the need for traditional network security.
However, I still see recommendations for segmentation and firewall rules.
I’m trying to understand why network controls are still needed in a zero-trust setup.
Zero trust shifts the primary trust decision to identity and context, but it doesn’t remove the need to limit exposure. Network controls still play an important role in reducing blast radius when credentials are compromised.
If identity is the only line of defense, a single failure can expose large parts of the environment. Segmentation ensures that even valid identities can only reach what they explicitly need.
Zero trust works best when combined with sensible network boundaries.
Takeaway: Zero trust strengthens identity checks, but containment still matters.