With Early Release ebooks, you get books in their earliest form—the author's raw and unedited content as he or she writes—so you can take advantage of these technologies long before the official release of these titles. You'll also receive updates when significant changes are made, new chapters are available, and the final ebook bundle is released.
The perimeter defenses guarding your network perhaps are not as secure as you think. Hosts behind the firewall have no defenses of their own, so when a host in the "trusted" zone is breached, access to your data center is not far behind. That’s an all-too-familiar scenario today. With this practical book, you’ll learn the principles behind zero trust architecture, along with details necessary to implement it.
The Zero Trust Model treats all hosts as if they’re internet-facing, and considers the entire network to be compromised and hostile. By taking this approach, you’ll focus on building strong authentication, authorization, and encryption throughout, while providing compartmentalized access and better operational agility.
Understand how perimeter-based defenses have evolved to become the broken model we use today
Explore two case studies of zero trust in production networks on the client side (Google) and on the server side (PagerDuty)
Get example configuration for open source tools that you can use to build a zero trust network
Learn how to migrate from a perimeter-based network to a zero trust network in production
Evan Gilman is an Operations Engineer with a background in computer networks. With roots in academia, and currently working in the public internet, he has been building and operating systems in hostile environments his entire professional career. An open source contributor, speaker, and author, Evan is passionate about designing systems that strike a balance with the networks they run on.
Doug Barth is a software engineer who loves to learn and shares his knowledge with others. He has worked on systems of various sizes at companies like Orbitz and PagerDuty. He has built and spoken about monitoring systems, mesh networks, and failure injection practices.
Traditional Network securtiy approaches are no longer adequate and zero trust networks may be a way forward. The frist two chapters make for a good read in explaining why such change is required and how we might start. I look forward to the further text
Bottom Line Yes, I would recommend this to a friend