BLU Discuss list archive
[Discuss] Port Scanning
- Subject: [Discuss] Port Scanning
- From: richard.pieri at gmail.com (Rich Pieri)
- Date: Thu, 1 Aug 2024 14:03:57 -0400
- In-reply-to: <5c43eee0-caaf-45d6-8fdb-273cb3d8ea6d@borg.org>
- References: <5c43eee0-caaf-45d6-8fdb-273cb3d8ea6d@borg.org>

On Thu, 1 Aug 2024 10:03:28 -0700 Kent Borg <kentborg at borg.org> wrote:

> P.P.S. My decades long dislike of firewalls is *finally* getting
> trendy with the impressive name "Zero Trust Architecture", it even
> has a TLA: "ZTA". Nice when the world finally catches up here and
> there.

Zero Trust does not mean no firewalls. Exactly the opposite: it means firewalls everywhere.

A traditional network architecture looks like an M&M candy: a hard shell surrounding the sweet network goodness inside. Sometimes there are two firewalls and the network resembles a peanut M&M with the hard shell of the perimeter firewall and a second firewall separating the chocolaty DMZ from the valuable peanut in the middle.

A Zero Trust network looks like a bag of M&Ms. Each candy is one node on the network, each node enclosed in a hard firewall shell. Nothing is allowed into or out of any of these shells without first validating itself with the security system. Every service or system must validate itself every time it tries to connect to anything else on the network. Never trust, always validate.

-- 
\m/ (--) \m/