内容简介
Perimeterdefensesguardingyournetworkaren'tassecureasyoumightthink.Hostsbehindthefirewallhavenodefensesoftheirown,sowhenahostinthe"trusted"zoneisbreached,accesstoyourdatacenterisnotfarbehind.Thispracticalbookintroducesyoutothezerotrustmodel,amethodthattreatsallhostsasifthey'reinternet-facing,andconsiderstheentirenetworktobecompromisedandhostile.AuthorsEvanGilmanandDougBarthshowyouhowzerotrustletsyoufocusonbuildingstrongauthentication,authorization,andencryptionthroughout,whileprovidingcompartmentalizedaccessandbetteroperationalagility.You'lllearnthearchitectureofazerotrustnetwork,includinghowtobuildoneusingcurrentlyavailabletechnology.Understandhowthezerotrustmodelembedssecuritywithinthesystem'soperation,ratherthanlayeringitontopExaminethefundamentalconceptsatplayinazerotrustnetwork,includingnetworkagentsandtrustenginesUseexistingtechnologytoestablishtrustamongtheactorsinanetworkLearnhowtomigratefromaperimeter-basednetworktoazerotrustnetworkinproductionExplorecasestudiesofzerotrustontheclientside(Google)andontheserver(PagerDuty)
作者简介
EvanGilmanisanOperationsEngineerwithabackgroundincomputernetworks.Withrootsinacademia,andcurrentlyworkinginthepublicinternet,hehasbeenbuildingandoperatingsystemsinhostileenvironmentshisentireprofessionalcareer.Anopensourcecontributor,speaker,andauthor,Evanispassionateaboutdesigningsystemsthatstrikeabalancewiththenetworkstheyrunon.DougBarthisasoftwareengineerwholovestolearnandshareshisknowledgewithothers.HehasworkedonsystemsofvarioussizesatcompanieslikeOrbitzandPagerDuty.Hehasbuiltandspokenaboutmonitoringsystems,meshnetworks,andfailureinjectionpractices.