The policy engine (PE) is the component in a ZTA that is responsible for deciding whether to grant access to a resource. The PE evaluates the policies and the contextual data collected from various sources, such as the user identity, the device posture, the network location, the resource attributes, and the environmental factors, and then generates an access decision. The PE communicates the access decision to the policy enforcement point (PEP), which enforces the decision on the resource.
References =
Certificate of Competence in Zero Trust (CCZT) prepkit, page 14, section 2.2.2
What Is Zero Trust Architecture (ZTA)? - F5, section “Policy Engine”
What is Zero Trust Architecture (ZTA)? | NextLabs, section “Core Components”
[SP 800-207, Zero Trust Architecture], page 11, section 3.3.1
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit