This repository provides a short description of the BeyondCorp security model and resources for implementing this model at your organization.

Introduction

"BeyondCorp" is a Zero Trust¹ security framework initially created by Google. It challenges the idea of perimeter security in the form of network segmentation in order to separate "outsiders" from trusted employees.

The issue with perimeter security is that it assumes everyone inside the network is trused and everyone outside the network is not! This can be false in two aspects; you can have an intruder that has breached the perimeter and is untrusted, and you can have a trusted employee working from a coffee shop that is unable to access company resources.

The perimeter security model work effectively when all employees work exclusively in buildings owned by the enterprise, but doesn't work nearly as well when a workforce is mobile.

Unlike the traditional perimeter security model, BeyondCorp dispels the notion of network segmentation as the primary mechanism for protecting sensitive resources. Instead, all applications are deployed to the public Internet, accessible through a user and device-centric authentication and authorization workflow.

ScaleFT put together a website that has a more detailed explanation of the BeyondCorp model.

Implementation

While you could technically implement the BeyondCorp model on your own, the architecture requires you to build some non-trivial infrastructure (see image). This blog post by ScaleFT goes into some great deal on the components needed to build a BeyondCorp on your own.

https://github.com/noqcks/BeyondCorps

BeyondCorps的更多相关文章

  1. mxonline实战11,课程详情页2,课程章节页

    对应github地址:第11天   一. 课程详情页2   1. 课程详情页第2块中的课程介绍中,修改course-detail.html中代码,搜索课程详情,找到如下代码

随机推荐

  1. Linux性能优化实战学习笔记:第三十一讲

    一.上节回顾 上一节,我们一起回顾了常见的文件系统和磁盘 I/O 性能指标,梳理了核心的 I/O 性能观测工具,最后还总结了快速分析 I/O 性能问题的思路. 虽然 I/O 的性能指标很多,相应的性能 ...

  2. qt no doubments matching "ui..h" could be found

    问题情境描述: 自己单独添加的UI文件,然后添加一个类来使用这个UI文件,第一次输入UI Form名称时是大写,被添加到工程里面就是大写, 大写的情况下,添加action转到槽就会提示这个错误. 修改 ...

  3. [Powershell]使用Msbuild构建基于.NET Framework的WebAPI项目

    查找最高版本的MsBuildTools. 清理缓存垃圾. 还原NuGet包. 构建解决方案. 按项目发布程序到本地. 按项目ZIP打包. <# .NOTES ================== ...

  4. Word中怎么快速选中并组合多个文本框图形

    目的: 选中全部的文本框或者图形.图像,然后组合到一起 步骤: 点击开始(Home),点击右侧 选择--选择对象 (select -- select objects) -- 鼠标拖放框选图形 -- 右 ...

  5. jenkins 更新插件使用代理

    方法一: 管理插件页面配置如下: 这个 URL 改成http://mirror.xmission.com/jenkins/updates/update-center.json 或https://mir ...

  6. sql 自动增加排序 并且初始值是000001

    declare @co_num  int,                @CoNum varchar(6) select co_num=count(*)+1 from tab             ...

  7. base62与long的相互转换

    public static class Converter { private static String keys = "0123456789abcdefghijklmnopqrstuvw ...

  8. 基于opencv+python的二维码识别

    花了2天时间终于把二维码识别做出来了,不过效果一般,后面会应用在ROS辅助定位上,废话少说先上图: 具体过程参考了这位大神的博客:http://blog.csdn.net/qq_25491201/ar ...

  9. Laravel手动分页的方法

    use Illuminate\Pagination\LengthAwarePaginator; public function index(Request $request){ $list =[... ...

  10. VHR配置数据库开发环境

    一,vhr项目宏观分析 目的:实现机关和事业单位的人事管理信息系统. 软件使用的对象:面向机关和事业单位内人事信息管理人员和在职开发人员. [架构选型] vhr面向的群体范围并不大,并非属于互联网应用 ...