This repository provides a short description of the BeyondCorp security model and resources for implementing this model at your organization.

Introduction

"BeyondCorp" is a Zero Trust¹ security framework initially created by Google. It challenges the idea of perimeter security in the form of network segmentation in order to separate "outsiders" from trusted employees.

The issue with perimeter security is that it assumes everyone inside the network is trused and everyone outside the network is not! This can be false in two aspects; you can have an intruder that has breached the perimeter and is untrusted, and you can have a trusted employee working from a coffee shop that is unable to access company resources.

The perimeter security model work effectively when all employees work exclusively in buildings owned by the enterprise, but doesn't work nearly as well when a workforce is mobile.

Unlike the traditional perimeter security model, BeyondCorp dispels the notion of network segmentation as the primary mechanism for protecting sensitive resources. Instead, all applications are deployed to the public Internet, accessible through a user and device-centric authentication and authorization workflow.

ScaleFT put together a website that has a more detailed explanation of the BeyondCorp model.

Implementation

While you could technically implement the BeyondCorp model on your own, the architecture requires you to build some non-trivial infrastructure (see image). This blog post by ScaleFT goes into some great deal on the components needed to build a BeyondCorp on your own.

https://github.com/noqcks/BeyondCorps

BeyondCorps的更多相关文章

  1. mxonline实战11,课程详情页2,课程章节页

    对应github地址:第11天   一. 课程详情页2   1. 课程详情页第2块中的课程介绍中,修改course-detail.html中代码,搜索课程详情,找到如下代码

随机推荐

  1. 使用Windows的Linux子系统搭建嵌入式开发环境

      亲,都9102年了,还在用VMware跑嵌入式交叉编译链吗?   北京时间2019年6月13日,Windows 10发布预览版本18917.版本的主要功能是Linux子系统(windows sub ...

  2. There is no getter for property named 'id' in 'class java.lang.Integer

    There is no getter for property named 'id' in 'class java.lang.Integer 问题描述: 使用mybatis传入参数, 当参数类型是St ...

  3. 创建简单Maven项目

    目录: Maven基础构建概念.仓库.构建与部署 Maven作用 Maven项目install Maven安装配置.目录结构.配置文件 配置Maven默认本地仓库 Maven常见命令 使用Maven ...

  4. microbit之mpython的API

    附录:常用API函数汇总 一.显示 display.scroll("Hello, World!") 在micro:bit点阵上滚动显示Hello, World!,其中Hello, ...

  5. Skywalking总结

    步骤四,完善Agent:你会发现,你在skywalking的Web监控页面看到的项目名称并非你原有的项目名称,而是一个默认的—— Your_ApplicationName.这是因为你还没有配置.打开/ ...

  6. Appium+python自动化(五)- 模拟器(超详解)

    简介 Appium是做安卓自动化的一个比较流行的工具,对于想要学习该工具但是又局限于或许当前有些小伙伴没 android 手机来说,可以通过安卓模拟器来解决该问题,下面就讲解使用appium连接安卓模 ...

  7. json工具类(二)——google包

    package com.ruoyi.common.utils.json; import java.util.List; import com.google.gson.Gson; import com. ...

  8. golang --学习笔记 运行时间计算

    package main import ( "fmt" "time" ) func main() { start := time.Now() //do some ...

  9. spring好文章整理

    彻底搞明白Spring中的自动装配和Autowired IDEA编译spring 5源码 Spring源码——IDEA读Spring源码环境搭建 导入spring源码org.springframewo ...

  10. python 练习题:请利用Python内置的hex()函数把一个整数转换成十六进制表示的字符串

    # -*- coding: utf-8 -*- # 请利用Python内置的hex()函数把一个整数转换成十六进制表示的字符串 n1 = 255 n2 = 1000 print(hex(n1)) pr ...