Zero Trust Networks: Building Secure Systems in Untrusted Networks (Paperback)

Evan Gilman, Doug Barth

Product description

The perimeter defenses guarding your network may not be as secure as you think. Hosts behind the firewall have no defenses of their own, so when a host in the "trusted" zone is breached, access to your data center is not far behind. That’s an all-too-familiar scenario today. With this practical book, you’ll learn the principles behind zero trust architecture, along with details necessary to implement it.

The Zero Trust Model treats all hosts as if they’re internet-facing, and considers the entire network to be compromised and hostile. By taking this approach, you’ll focus on building strong authentication, authorization, and encryption throughout, while providing compartmentalized access and better operational agility.

  • Understand how perimeter-based defenses have evolved to become the broken model we use today
  • Explore two case studies of zero trust in production networks on the client side (Google) and on the server side (PagerDuty)
  • Get example configuration for open source tools that you can use to build a zero trust network
  • Learn how to migrate from a perimeter-based network to a zero trust network in production
