Zero Trust Networks

by Evan Gilman and Doug Barth

Copyright 2017 Evan Gilman, Doug Barth. All rights reserved.

Printed in the United States of America.

Published by O'Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472.

O'Reilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (http://oreilly.com/safari). For more information, contact our corporate/institutional sales department: 800-998-9938 or corporate@oreilly.com.

  • Editors: Courtney Allen and Virginia Wilson
  • Production Editor: Kristen Brown
  • Copyeditor: Amanda Kersey
  • Proofreader: Jasmine Kwityn
  • Indexer: Wendy Catalano
  • Interior Designer: David Futato
  • Cover Designer: Karen Montgomery
  • Illustrator: Rebecca Demarest
  • July 2017: First Edition
Revision History for the First Edition
  • 2017-06-15: First Release

See http://oreilly.com/catalog/errata.csp?isbn=9781491962190 for release details.

The O'Reilly logo is a registered trademark of O'Reilly Media, Inc. Zero Trust Networks, the cover image, and related trade dress are trademarks of O'Reilly Media, Inc.

While the publisher and the authors have used good faith efforts to ensure that the information and instructions contained in this work are accurate, the publisher and the authors disclaim all responsibility for errors or omissions, including without limitation responsibility for damages resulting from the use of or reliance on this work. Use of the information and instructions contained in this work is at your own risk. If any code samples or other technology this work contains or describes is subject to open source licenses or the intellectual property rights of others, it is your responsibility to ensure that your use thereof complies with such licenses and/or rights.

978-1-491-96219-0

[LSI]

Preface

Thank you for choosing to read Zero Trust Networks! Building trusted systems in hostile networks has been a passion of ours for many years. In building and designing such systems, we have found frustration in the pace of progress toward solving some of the more fundamental security problems plaguing our industry. We'd very much like to see the industry move more aggressively toward building the types of systems which strive to solve these problems.

To that end, we are proposing that the world take a new stance toward building and maintaining secure computer networks. Rather than being something which is layered on top, considered only after some value has been built, security must be fundamentally infused with the operation of the system itself. It must be ever-present, enabling operation rather than restricting it. As such, this book sets forth a collection of design patterns and considerations which, when heeded, can produce systems that are resilient to the vast majority of modern-day attack vectors.

This collection, when taken as a whole, is known as the zero trust model. In this model, nothing is taken for granted, and every single access request, whether it be made by a client in a coffee shop or a server in the datacenter, is rigorously checked and proven to be authorized. Adopting this model practically eliminates lateral movement, VPN headaches, and centralized firewall management overhead. It is a very different model indeed; one that we believe represents the future of network and infrastructure security design.

Security is a complicated and ever-changing field of engineering. Working on it requires a deep understanding of many layers of a system and how bugs or weaknesses in those layers can allow an attacker to subvert access controls and protections. While this makes defending a system challenging, it's also a lot of fun to learn about! We hope you'll enjoy learning about it as much as we have!

Who Should Read This Book

Have you found the overhead of centralized firewalls to be restrictive? Perhaps you've even found their operation to be ineffective? Have you struggled with VPN headaches, TLS configuration across a myriad of applications and languages, or compliance and auditing hardships? These problems represent just a small subset of those addressed by the zero trust model. If you find yourself thinking that there just has to be a better way, then you're in luck: this book is for you.

Network engineers, security engineers, CTOs, and everyone in between can benefit from zero trust learnings. Even without a specialized skillset, many of the principles included within can be clearly understood, helping leaders make decisions that get them closer to realizing the zero trust model, improving their overall security posture incrementally.

Additionally, readers with experience using configuration management systems will see the opportunity of using those same ideas to build a more secure and operable networked system, one in which resources are secure by default. They will be interested in how automation systems can enable a new network design that is able to apply fine-grained security controls more easily.

Finally, this book also explores mature zero trust design, enabling those who have already incorporated the basic philosophies to further the robustness of their security systems.

Why We Wrote This Book

We started speaking about our approach to system and network design at industry conferences in 2014. At the time, we were using configuration management systems to rigorously define the system state, applying changes programmatically as a reaction to topological changes. As a result of leveraging automation tools for this purpose, we naturally found ourselves programmatically calculating the network enforcement details instead of managing such configuration by hand. We found that using automation to capture the system design in this way was enabling us to deploy and manage security features, including access control and encryption, much more easily than in systems past. Even better, doing so allowed us to place much less trust in the network than other systems might normally do, which is a key security consideration when operating in and across public clouds.

Around that same time, Google's first BeyondCorp paper was published, describing how they were rethinking system and network design to remove trust from the network. We saw a lot of philosophical similarities in how Google was approaching their network security, and how we approached similar problems in our own systems. It was clear that reducing trust in the network was not only our own design preference/opinion, but the general direction the industry was headed. With the realizations gained from comparing the BeyondCorp paper to our own efforts, we started sharing broader understandings of this architecture and philosophy at various conferences.

Attendees were engaged and interested in what we were doing, but the question we frequently heard was "Where can I learn more about how to do this in my own system?" Unfortunately, the answer was typically "Well, there's not a whole lot, come see me afterward." The lack of publicly available information and guidance became a glaring gap, one we wanted to correct. This book aims to fill that gap.

While writing this book, we spoke to individuals from dozens of companies to understand their perspective on network security designs. We found that many of those companies were themselves reducing the trust of their internal networks. While each organization took a slightly different approach in their own system, it was clear that they all were working under the same threat model and were as a result building solutions that shared many properties.

Our goal with this book isn't to present one or two particular solutions to building these types of systems, but rather to define a system model that places no trust in its communication network. Therefore, this book won't be focused on using specific software or implementations, but rather it will explore the concepts and philosophies that are used to build a zero trust network. We hope you will find it useful to have a clear mental model for how to construct this type of system when building your own system, or even better, reusable solutions for the problems described herein.
