Название: Zero Trust Networks: Building Secure Systems in Untrusted Network, 2nd Edition (Third Early Release)Автор: Razi Rais, Christina Morillo, Evan Gilman, Doug Barth
Издательство: O’Reilly Media, Inc.
Год: 2023-01-18
Страниц: 129
Язык: английский
Формат: epub (true), mobi
Размер: 10.2 MB
Perimeter defenses guarding your network aren't as secure as you might think. Hosts behind the firewall have no defenses of their own, so when a host in the "trusted" zone is breached, access to your data center is not far behind. This practical book introduces you to the zero trust model, a method that treats all hosts as if they're internet-facing, and considers the entire network to be compromised and hostile.
In this updated edition, the authors show you how zero trust lets you focus on building strong authentication, authorization, and encryption throughout, while providing compartmentalized access and better operational agility. You'll learn the architecture of a zero trust network, including how to build one using currently available technology.
Zero trust aims to solve the inherent problems in placing our trust in the network. Instead, it is possible to secure network communication and access so effectively that physical security of the transport layer can be reasonably disregarded. It goes without saying that this is a lofty goal. The good news is that we’ve got pretty powerful cryptographic algorithms these days, and given the right automation systems, this vision is actually attainable.
What Is a Zero Trust Network? A zero trust network is built upon five fundamental assertions:
- The network is always assumed to be hostile.
- External and internal threats exist on the network at all times
- Network locality alone is not sufficient for deciding trust in a network.
- Every device, user, and network flow is authenticated and authorized.
- Policies must be dynamic and calculated from as many sources of data as possible.
Explore fundamental concepts of a zero trust network, including trust engine, policy engine, and context aware agents
Understand how this model embeds security within the system's operation, rather than layering it on top
Use existing technology to establish trust among the actors in a network
Migrate from a perimeter-based network to a zero trust network in production
Examine case studies that provide insights into various organizations' zero trust journeys
Learn about the various zero trust architectures, standards, and frameworks
Скачать Zero Trust Networks, 2nd Edition (Third Early Release)