SKRZ Security
The purpose of this guide is to provide a high level overview of my thoughts on zero trust and not a complete security architecture. It is a work in progress that will be updated.
Zero Trust this Zero Trust that, blah, blah. Everyone says everyone should do it. Even the United States Department of Defense has a 104 page guideline, https://dodcio.defense.gov/Portals/0/Documents/Library/(U)ZT_RA_v2.0(U)_Sep22.pdf.
The National Institute of Standards and Technology has this special publication, https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-207.pdf.
However no one tells you what technology to use or how to configure/deploy it. I’m changing that! This a guide on how it works with configuration guides/links and very few if any acronyms so you can do it yourself!
First here is how Forrester defines Zero Trust: https://www.forrester.com/blogs/the-definition-of-modern-zero-trust/ I’m not going to retype what they wrote. But here are the concepts that are important:
