In Zero Trust Model all network traffic should be inspected and logged: both internally as well as externally. To do this, it is recommended to deploy network analysis and visibility (NAV) tool in conjunction with legacy security information management (SIM) systems. The purpose of NAV products is twofold:
• NAV provides security teams insight into what is actually going on in their network and allows them to obtain answers to the most challenging questions regarding access and behavior on the network.
• A NAV deployment will change end user behaviors because individuals will know that security is monitoring their actions, and they will be less tempted to do things that are questionable, malicious, or illegal.