A ZT deployment comprises different components. Some may be in-house services, and others may be cloud based. Recognize that any ZT architecture you implement will roll out over time. During this period, it's critical to educate stakeholders on all the moving pieces and convey that ZT is a continued effort without clearly defined start and finish. Stay mindful that as changes in your IT and business needs disrupt your progress, you can maximize the impact of your ZT approach by continually reassessing your architecture.
Experts emphasize there is no one-size-fits-all ZT infrastructure. Every enterprise, and thus every ZT deployment, will be different. Additionally, ZT infrastructure is typically implemented over time in a series of smaller infrastructure modernization projects. The ideal ZT model rarely, if ever, exists.
One of the attributes of the ZT model is its dynamic nature, so today’s ideal ZT model may not be ideal tomorrow.
Example diagram from the NIST document, page 18. Zero trust model components.