In the zero trust network model, it’s more important than ever to know about your assets. To get the benefits of zero trust, you need to know about each component of your architecture, from users and their devices through to the services and data they are accessing.
Focus your attention on the components of the system that use the network. The network itself should be considered untrusted and hostile, regardless of whether it’s a local network in your secure building or a public Wi-Fi network in a known hostile location.
This principle is particularly important when transitioning an established system, with many pre-existing services, to a zero trust architecture. If a zero trust architecture is implemented without considering existing services, those services may be at higher risk, because the network is assumed to be untrusted and hostile. They may not have been designed for this situation and will therefore be unable to defend themselves against attack.