Enterprises have a growing need for cloud servers, and the pandemic that broke out after 2019 added a need for remote work, yet one information-security crisis after another has been caused by Advanced Persistent Threat (APT) attacks. The traditional approach lets employees enter the intranet through a VPN; although the VPN itself has adequate security planning and a dedicated encrypted tunnel that encrypts the packets in transit, its biggest weakness lies in its nodes. If any one of them is compromised, for example because the node itself is malicious, or because a personal computer has been broken into and its traffic monitored and recorded so that the VPN account, password or certificate is stolen and reused, the intranet is easily breached, which creates an information-security risk for the enterprise. This thesis applies the seven security definitions of a zero-trust network, combined with firewall and VPN technology, and repeatedly verifies users and devices to confirm the user's identity; in the experiment, Surfshark and Wireshark are used to display packet contents. Conceptually, it must be assumed that neither the user's account nor the device can be trusted, so the internal network should be treated like the external network and governed by the same security policy, with strict control, multiple types of authentication, and an emphasis on repeated verification. This distrustful attitude toward network resources and users, together with the zero-trust architecture's emphasis on continuous verification to ensure security, compensates for some of the weaknesses of VPNs in practice by repeatedly verifying user identity, further safeguarding the enterprise's internal information security. This paper uses Surfshark as the VPN connection tool, and Wireshark together with Microsoft's built-in CMD as the tools for monitoring firewall packets, in order to examine the contents of those packets; the goal is to construct a secure remote-work architecture, composed of a zero-trust network, a VPN and a firewall, that can defend against APT attacks.
Since the outbreak of COVID-19, enterprises have adopted work-from-home arrangements and the demand for cloud servers has grown. Information security has increasingly become a significant issue because of the frequent use of network access. Legacy VPN access to the office intranet lets employees work remotely while keeping all network traffic encrypted. Advanced Persistent Threat (APT) attacks that cause information-security crises occur because of the traditional practice of giving employees access to the intranet through a VPN, even though the VPN itself has adequate security planning and a dedicated encrypted tunnel that encrypts the transmitted packets. The biggest problem with VPNs is the relaying nodes. If one of the nodes is compromised, the network traffic becomes prone to being monitored and recorded, the VPN account, password or credentials can be copied, and the intranet becomes open to intruders, which can lead to security risks for the enterprise. This paper aims to combine the seven security definitions of a zero-trust network with firewall and VPN technologies, and to authenticate users and devices repeatedly to ensure user identity, while using Surfshark and Wireshark to demonstrate the contents of packets in the experiment. Conceptually, it must be assumed that neither the user's account nor the device can be trusted. Therefore, the internal network should have the same security policy as the external network, with strict control, multiple types of authentication models, and an emphasis on repeated authentication. Together with this distrustful attitude toward network resources and users, the zero-trust framework also emphasizes continuous authentication to ensure security. By repeatedly verifying the identity of users, it can compensate for some shortcomings in the use of VPNs and further protect the security of information within the enterprise.
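The abstract's core claim is that a stolen VPN account is not enough once every request, from the intranet or through the VPN, is judged by the same policy and must be re-verified periodically. The following is an added illustration of such a policy decision point; it is not code from the thesis, and the rule set, field names, the 15-minute re-verification window and the device/role directory are all constructed assumptions.

```python
"""Zero-trust access decision point (constructed example).

Every request is evaluated by the same rules regardless of whether it
arrives from the intranet or over the VPN, and identity must have been
re-verified within a freshness window (continuous verification).
The policy, field names and sample data below are assumptions for
illustration, not the thesis's own implementation.
"""
from __future__ import annotations

from dataclasses import dataclass, replace
from datetime import datetime, timedelta, timezone

REVERIFY_WINDOW = timedelta(minutes=15)  # assumed re-verification interval


@dataclass(frozen=True)
class Device:
    device_id: str
    owner: str
    disk_encrypted: bool
    agent_healthy: bool  # endpoint agent reports no tampering


@dataclass(frozen=True)
class Request:
    user: str
    device_id: str
    source: str              # "intranet" or "vpn"; carries no trust by itself
    password_ok: bool
    mfa_ok: bool
    last_verified: datetime  # when the user last completed a second factor
    now: datetime
    resource: str


# Constructed directory of registered devices and role assignments.
DEVICES = {
    "lap-001": Device("lap-001", "alice", True, True),
    "lap-002": Device("lap-002", "bob", False, True),
}
ROLES = {"alice": {"finance-db", "wiki"}, "bob": {"wiki"}}


def evaluate(req: Request) -> tuple[bool, list[str]]:
    """Return (allowed, reasons). Every rule applies to every source."""
    reasons: list[str] = []
    if not req.password_ok:
        reasons.append("password check failed")
    if not req.mfa_ok:
        reasons.append("second factor missing")
    dev = DEVICES.get(req.device_id)
    if dev is None:
        # Valid VPN credentials presented from an unknown machine are refused.
        reasons.append("device not registered")
    else:
        if dev.owner != req.user:
            reasons.append("device not bound to this user")
        if not dev.disk_encrypted:
            reasons.append("device posture: disk not encrypted")
        if not dev.agent_healthy:
            reasons.append("device posture: endpoint agent unhealthy")
    if req.now - req.last_verified > REVERIFY_WINDOW:
        reasons.append("verification stale; re-authentication required")
    if req.resource not in ROLES.get(req.user, set()):
        reasons.append("resource not permitted for user")
    return (not reasons, reasons)


def source_independent(req: Request) -> bool:
    """True if swapping intranet/vpn origin leaves the decision unchanged."""
    swapped = replace(req, source="intranet" if req.source == "vpn" else "vpn")
    return evaluate(req) == evaluate(swapped)


NOW = datetime(2024, 1, 1, 9, 0, tzinfo=timezone.utc)  # constructed timestamp


def sample_requests() -> dict[str, Request]:
    """Constructed scenarios matching the cases discussed in the abstract."""
    fresh = NOW - timedelta(minutes=5)
    stale = NOW - timedelta(hours=2)
    return {
        "alice_vpn_ok": Request("alice", "lap-001", "vpn", True, True, fresh, NOW, "finance-db"),
        # Alice's VPN account and password reused from an unregistered PC.
        "alice_creds_foreign_pc": Request("alice", "pc-unknown", "vpn", True, False, fresh, NOW, "finance-db"),
        # Intranet origin earns no implicit trust: stale verification still denies.
        "alice_intranet_stale": Request("alice", "lap-001", "intranet", True, True, stale, NOW, "finance-db"),
        # Registered device that fails posture.
        "bob_unencrypted": Request("bob", "lap-002", "intranet", True, True, fresh, NOW, "wiki"),
    }


def decisions() -> dict[str, tuple[bool, list[str]]]:
    return {name: evaluate(r) for name, r in sample_requests().items()}


if __name__ == "__main__":
    for name, (ok, why) in decisions().items():
        print(f"{name}: {'ALLOW' if ok else 'DENY'} {why}")
```

The point of `source_independent` is the abstract's "internal network treated like the external network": a request from the office LAN with stale verification is denied exactly as it would be over the VPN, and a correct VPN password from an unregistered device is denied even though the tunnel itself is sound.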