eBooks

OreillyMultiCloudFinalEBOOK

Learn all you need to know about email best practices, deliverability, and tools with email whitepapers and ebooks.

Issue link: https://hub.dyn.com/i/1119883

Contents of this Issue

Navigation

Page 33 of 57

Edge Management Principles IT security has never been easy. But one thing that used to be easier was the accepted definition of the network "edge." The phrase edge of the network used to refer to the firewall, or possibly the gateway routers. Everything behind that easily defined demarcation was the responsibility of the security team. Everything else was not. This resulted in "castle and moat" analogies that persist today about organizational boundaries. But those boundaries have eroded in recent years. As more operations have moved to the cloud, the definition of the edge has changed. Regardless of your organization's definition of the edge, however, the principles of edge management have not changed. What Is the "Edge"? Before we continue let's define what we mean by the term "the edge," given that this will inform the rest of our security discussion. Most definitions of the edge conflate it with the Internet of Things (IoT), comprised of networked and interconnected devices. Such 'things' are certainly a big part of the edge, as these devices generally serve as gateways to and from networks. But the edge is more than that, especially in a multicloud environ‐ ment. A multicloud strategy means that every cloud provider your organization uses effectively becomes part of your organization's edge. By viewing the multicloud environment as part of the edge, your organization can use available cloud providers' tools to restrict and redirect traffic, minimizing the attack surface of your cloud infra‐ structure, while making application services as widely available as possible. Therefore, our new definition of the edge includes not just tradi‐ tional IoT devices, but also the infrastructure deployed across the multicloud environment that is used to filter and redirect access to multicloud applications, such as DNS or Web Application Firewalls (WAFs). 28 | Chapter 3: Security in Multicloud Environments

Articles in this issue

view archives of eBooks - OreillyMultiCloudFinalEBOOK