The official guidelines for the National Network Security Framework (N2SF), led by the National Intelligence Service, are set to be released this month. With a sweeping overhaul underway 18 years after the network separation regime was introduced, the security industry is also moving to respond. SGA Solutions and Private Technology have joined as lead organizations in related proof-of-concept projects, while Genians and AhnLab are preparing response systems by leveraging technical capabilities such as zero trust.
According to the security industry on the 10th, the National Intelligence Service shared progress on N2SF at Cyber Summit Korea (CSK) 2025, which it hosted the previous day. The National Intelligence Service announced a roadmap to improve national network security policy at last year's CSK event and released a draft of the N2SF guidelines in Jan. However, there was criticism that the draft alone made it difficult to understand how N2SF would be applied in practice. In response, the National Intelligence Service supplemented the content and had planned to distribute the official guidelines at this year's CSK event, but said it would announce them this month as follow-up work was delayed. Joint pilot projects with government ministries and agencies' own projects will proceed according to the previously announced roadmap.
N2SF is a new security framework that replaces the existing "network separation-only" approach. Until now, internal and internet networks were unconditionally separated to block cyberattacks, but as cloud, remote work, and artificial intelligence (AI) use have increased, work efficiency and the adoption of new technologies have been constrained. For example, when moving already public data from outside to the internal network, an authorized USB had to be used or specific security procedures had to be followed, and even if staff wanted to use generative AI during work, network separation limited AI utilization at work. The National Intelligence Service presented a solution to improve these inefficiencies in the new information technology (IT) environment.
The core of N2SF is to classify an institution's work and data by importance and apply different security controls accordingly. Data is broadly classified into three levels: ▲ Classified ▲ Sensitive ▲ Open. The C grade covers highly sensitive information such as military and national security; the S grade includes important business information such as personal data and internal materials; and the O grade includes tasks that are relatively public, such as press releases. Institutions can appropriately select and combine security technologies according to each grade, including zero trust network access (ZTNA), network access control (NAC), endpoint detection and response (EDR), and encryption. This allows both maintaining security and facilitating data sharing.
The implementation of NS2F is expected to have a significant impact on the domestic security market. First, the structure of solution demand is likely to change. Demand for network separation hardware, which has been mainstream, is expected to gradually decline, while demand will likely increase for software and platform categories such as data classification, zero trust, security gateways, and cloud security. Consulting and proof-of-concept opportunities are also expected to expand. Since grade classification, threat modeling, and adequacy assessment are essential for each institution, security consulting, pilot projects, integrated monitoring, and managed security service provider (MSSP) businesses are expected to become more active. In addition, demand will grow for solutions and verification related to various interconnection methods, and interconnection security (verification, encryption, integrity assurance) capabilities are expected to become key factors determining competitiveness.
Domestic security companies are responding to changes in the security framework following the introduction of N2SF. SGA Solutions, considered the market leader, was the first in Korea to unveil a zero trust architecture (ZTA) solution and has carried out the government's zero trust pilot project for three consecutive years, earning recognition for its applicability in real work environments. Private Technology is also drawing attention for zero trust and N2SF. It won the zero trust proof-of-concept project in 2023 and the pilot project in 2025, earning recognition for its technical prowess and real-world implementation capabilities.
Genians, a leading corporation in the network access control (NAC) field, has entered the related market with a ZTA-based integrated platform. The company said it can support six N2SF security control categories by integrating its core product lines, including not only NAC and ZTNA but also endpoint detection and response (EDR) solutions. AhnLab is addressing zero trust and N2SF with its next-generation integrated network security solution, AhnLab XTG. Officially released recently, AhnLab XTG features high-performance firewall capabilities and the latest network security functions such as ZTNA and software-defined wide area network (SD-WAN). ZTNA in AhnLab XTG verifies the identities of users and devices based on the firewall and grants only the minimum privileges.
A security industry official said, "With the introduction of N2SF, new demand based on zero trust is expected to grow in the security industry," adding, "It is as if a new market is opening, and if leveraged effectively, it could drive growth across the domestic security industry."