Zero Trust Networks: Building Trusted Systems in Untrusted Networks

Slide 1

Slide 1 text

Evan Gilman, Doug Barth @evan2645 @dougbarth Zero Trust Networks

Slide 2

Slide 2 text

3/14/17 @evan2645 @dougbarth About Us Zero Trust: Building Systems in Untrusted Networks

Slide 3

Slide 3 text

@evan2645 @dougbarth

Slide 4

Slide 4 text

@evan2645 @dougbarth

Slide 5

Slide 5 text

3/14/17 @evan2645 @dougbarth DC-A DC-B DC-C C* C* C* Zero Trust: Building Systems in Untrusted Networks

Slide 6

Slide 6 text

3/14/17 @evan2645 @dougbarth DC-A DC-B DC-C C* C* C* Zero Trust: Building Systems in Untrusted Networks

Slide 7

Slide 7 text

3/14/17 @evan2645 @dougbarth DC-A DC-B DC-C C* C* C* Zero Trust: Building Systems in Untrusted Networks

Slide 8

Slide 8 text

@evan2645 @dougbarth iptables

Slide 9

Slide 9 text

@evan2645 @dougbarth

Slide 10

Slide 10 text

@evan2645 @dougbarth

Slide 11

Slide 11 text

@evan2645 @dougbarth IPsec VPN

Slide 12

Slide 12 text

3/14/17 @evan2645 @dougbarth DC-A DC-B DC-C Zero Trust: Building Systems in Untrusted Networks VPN VPN VPN

Slide 13

Slide 13 text

3/14/17 @evan2645 @dougbarth DC-A DC-B DC-C Zero Trust: Building Systems in Untrusted Networks VPN VPN VPN

Slide 14

Slide 14 text

@evan2645 @dougbarth IPsec VPN

Slide 15

Slide 15 text

3/14/17 @evan2645 @dougbarth DC-A DC-B DC-C Zero Trust: Building Systems in Untrusted Networks VPN VPN VPN

Slide 16

Slide 16 text

3/14/17 @evan2645 @dougbarth DC-A DC-B DC-C Zero Trust: Building Systems in Untrusted Networks

Slide 17

Slide 17 text

3/14/17 @evan2645 @dougbarth DC-A DC-B DC-C Zero Trust: Building Systems in Untrusted Networks

Slide 18

Slide 18 text

3/14/17 @evan2645 @dougbarth Emergent Properties All Flows Authenticated and Encrypted All Flows Asserted as Authorized No Inherent Value in IP Address Zero Trust: Building Systems in Untrusted Networks

Slide 19

Slide 19 text

3/14/17 @evan2645 @dougbarth Emergent Properties No Centralized Firewalls No Network Gateways No Private Network Zero Trust: Building Systems in Untrusted Networks

Slide 20

Slide 20 text

@evan2645 @dougbarth BeyondCorp

Slide 21

Slide 21 text

@evan2645 @dougbarth BeyondCorp

Slide 22

Slide 22 text

@evan2645 @dougbarth BeyondCorp

Slide 23

Slide 23 text

@evan2645 @dougbarth BeyondCorp

Slide 24

Slide 24 text

@evan2645 @dougbarth Zero Trust Philosophy:

Slide 25

Slide 25 text

@evan2645 @dougbarth Zero Trust Philosophy: No Trust In Network

Slide 26

Slide 26 text

@evan2645 @dougbarth Zero Trust Philosophy: No Trust In Network

Slide 27

Slide 27 text

@evan2645 @dougbarth Zero Trust Philosophy: Every Flow Is Expected

Slide 28

Slide 28 text

@evan2645 @dougbarth Zero Trust Philosophy: Symbolic Policy

Slide 29

Slide 29 text

@evan2645 @dougbarth Zero Trust Philosophy: Symbolic Policy

Slide 30

Slide 30 text

@evan2645 @dougbarth Zero Trust Philosophy: Network Agent

Slide 31

Slide 31 text

@evan2645 @dougbarth Zero Trust Philosophy: Network Agent

Slide 32

Slide 32 text

@evan2645 @dougbarth Zero Trust Philosophy: Automate!

Slide 33

Slide 33 text

@evan2645 @dougbarth Zero Trust Philosophy: Automate!

Slide 34

Slide 34 text

@evan2645 @dougbarth Visibility

Slide 35

Slide 35 text

@evan2645 @dougbarth Start Early

Slide 36

Slide 36 text

@evan2645 @dougbarth Start Early

Slide 37

Slide 37 text

@evan2645 @dougbarth Current State

Slide 38

Slide 38 text

@evan2645 @dougbarth Current State

Slide 39

Slide 39 text

@evan2645 @dougbarth Current State

Slide 40

Slide 40 text

@evan2645 @dougbarth

Slide 41

Slide 41 text

@evan2645 @dougbarth

Slide 42

Slide 42 text

@evan2645 @dougbarth

Slide 43

Slide 43 text

@evan2645 @dougbarth

Slide 44

Slide 44 text

3/14/17 @evan2645 @dougbarth Just The Facts Industry Moving Towards Deep Authn/Authz Industry Converging on Zero Trust Model More Secure, More Operable Keep an Eye Out! Zero Trust: Building Systems in Untrusted Networks