by PLG88
1333 days ago
Fully agreed. What you probably want is OpenZiti. It's a modern mesh overlay network which is explicitly built on zero trust principles including using strong embedded identity (with the ability to plug in 3rd party IdP). This ensures per-endpoint authentication and authorisation before any connectivity can be established on the basis of least-privilege and microsegmentation. The connectivity at source and destination is established outbound so no inbound ports are needed while providing private (magical) DNS. It's also completely open source and free. Here is an overview of some of the superpowers - https://www.youtube.com/watch?v=hLEeHit3prY&list=PLMUj_5fkla... Disclaimer, I do work on the project so take me with a pinch of salt.