Posts

Zero Trust Network Access (ZTNA)

In traditional enterprise networks, Virtual Private Network (VPN) solutions are implemented as a way of giving users remote access to internal resources. With the changes in society after the COVID pandemic, the number of users working remotely grew exponentially, increasing the number of clients of that technology. The problem with VPNs is that they follow the network security model called Castle and Moat. In this model, clients cannot access resources if they are not connected to the VPN, but once they are within the network, they have full access to the data and applications, even those they do not use for their daily work. This model presents a vulnerability: if an attacker gains access to the network, they can use it as an attack vector to run cyber attacks such as Man-in-the-middle (MITM) or ransomware. Another common trend is that many organisations are moving their workloads to the Cloud. There is no longer a single 'castle' to protect. Therefore, protecting a...

First Post

Welcome to my blog! This is a space where I will share insights, learnings, and hands-on experiences. I plan to write about the technologies I am currently studying or working with. My goal is simply to learn and share what I have learned with others when I think it can be useful to other people. Hopefully I become a better writer as well. Thank you for stopping by, and I look forward to sharing more in my next post!

IPSec Deep Dive

Today, we’re kicking off our series of posts with one about IPsec. First of all — IPsec? What is it? IPsec is a suite of protocols that provide security for Internet communications at the IP layer [1]. It has three main goals: Authentication - Who sent the packet? Integrity - Was the packet modified in transit? Confidentiality - Can anyone read the packet? Anti-replay - Did I already receive it? One of the protocols that IPsec uses — and probably the most important — is called IKE [2]. The first version of IKE will be our main topic today. IKE stands for Internet Key Exchange. As the name suggests, the IKE protocol defines how negotiation between IPsec peers is carried out. Although we often refer to IKE and ISAKMP interchangeably, IKE actually inherits capabilities from three different protocols: ISAKMP: Provides a framework for authentication and key exchange but does not define them. OAKLEY: Describes a series of key exchanges, called modes. It also details the s...