Zero Trust architecture is the new trend of Security Philosophy based on the principe, never trust and continuously verify trust, which means even if the user is authenticated and permitted to access corporate resources with least privileges using RBAC, he is continuously tracked and monitored to detect any malicious activity, behavior, or if the posture is not changed, if this occurs, an automatic action and response is required to quarantine the host or to suppress the initial permission.

The continuously trust concept in Zero Trust architecture involves the use of Cisco Secure Network Analytics, which means that Cisco SNA is one of the core component of this architecture. Zero Trust architecture uses Cisco Secure Network Analysis to perform continuous monitoring and analysis which leads to the "Continuously Trust concept"in the Zero Trust architecture by analyzing the netflow data exported and forwared by network devices to detect any malicious activity such as data hoarding, data exfiltration or any connection to CnC server from a compromised host. And if a violation occurs or a malicious activity is detected, Cisco Secure Network Analytics is once again solicited to quarantine the host using ANC (Adaptive Network Control) feature to instruct Cisco ISE (another component of Zero Trust architecture) to send a Change of Authorization CoA so that the user will receive a new Authorization that denies access.