UNDERSTANDING CDN PROXYING AND ZERO TRUST.

Organizations that provide CDN services, such as Cloudflare, have zero-trust services integrated into their platforms.

Previously, we discussed firewalls and the need to understand the OSI model (from a technical perspective), network protocols, and security configurations before planning to set up a firewall.

While that content did not include any labs or configure any form of firewall, it did give a focused view and a guideline on what to look out for when setting up a firewall (for defenders), or when trying to abuse a firewall by bypassing its filters, known as firewall rules (for offensive experts).

Nonetheless, there are other mechanisms involved in setting up and managing security on an enterprise level, giving rise to what we know as enterprise security. To be able to implement security on an enterprise level as a security expert, getting familiar with the concept of “Zero Trust” is inevitable (not the Thanos kind 😂).

For example, consider CDN (Content Delivery Network) services such as Cloudflare: you could adopt zero trust if you proxied your organization’s application through Cloudflare, as Cloudflare provides such (Zero Trust) services.

Don’t get what it means to be proxied? Don’t worry we have your back.

 

 

UNDERSTANDING WHAT PROXYING MEANS:

Proxying your web application through a CDN is a way of hiding or obfuscating the actual IP address assigned to you when you secure a domain and a hosting service. To obtain an IP address for your business web application, two requirements must be satisfied:

1. Buying or registering a domain name.

2. Getting a hosting provider.

The domain is then configured with what we call name servers, on the hosting provider of your choice. Once these name servers are configured and the domain goes live, an IP address is automatically assigned to that domain.

The IP address assigned is the actual IP address belonging to your website (consider it your website’s identity, which DNS looks up in its address book when resources are requested from your website). Threat actors are able to scan these IP addresses to see whether there are vulnerable ports or services open, and once they obtain this information about open services, exploiting your website becomes easy.

 

Consequently, when you proxy your website through a CDN (Content Delivery Network), two things happen:

1. The CDN service issues you new name servers, which are tied to the proxy IP addresses of the CDN service. Your actual IP address is proxied through this new IP address, concealing the address assigned to you by the company responsible for your hosting. (We are not going in depth on how to configure your application via a CDN; this is just a brief.)

2. When a hacker tries to do a whois lookup on you, the endpoint that the query hits is the proxied IP address (assigned by the CDN service), and not the actual machine hosting your website (the IP address issued to you by the hosting company).

That is what proxying your application is.

Okay! Enough of the in-depth, let’s stick to the key topic, zero trust! Shall we?
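A defender-side check for the proxying described above, as an added example that is not part of the original article: it audits an export of your own zone's address records and reports any hostname that still points outside the CDN's ranges, which would reveal the hosting IP despite the proxy. The CDN ranges, hostnames and origin address are constructed placeholders taken from documentation address space.

```python
import ipaddress

# Constructed stand-ins for the CDN's published proxy ranges (documentation
# address space); substitute the ranges your CDN provider publishes.
CDN_RANGES = [ipaddress.ip_network(n) for n in ("198.51.100.0/24", "203.0.113.0/24")]

# Constructed export of a zone's records: (hostname, record type, value).
ZONE_RECORDS = [
    ("example.test", "A", "198.51.100.10"),
    ("www.example.test", "A", "203.0.113.25"),
    ("mail.example.test", "A", "192.0.2.44"),   # points straight at the host
    ("dev.example.test", "A", "192.0.2.44"),
]

ORIGIN_IP = "192.0.2.44"  # constructed: address issued by the hosting company


def is_proxied(ip, cdn_ranges=CDN_RANGES):
    """True when the address falls inside one of the CDN's proxy ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in cdn_ranges)


def audit_zone(records, origin_ip, cdn_ranges=CDN_RANGES):
    """Return address records that bypass the proxy, flagging origin exposure."""
    origin = ipaddress.ip_address(origin_ip)
    findings = []
    for host, rtype, value in records:
        if rtype not in ("A", "AAAA"):
            continue  # only address records show where a name points
        if is_proxied(value, cdn_ranges):
            continue  # resolves to the CDN, so the origin stays concealed
        findings.append({
            "host": host,
            "ip": value,
            "exposes_origin": ipaddress.ip_address(value) == origin,
        })
    return findings


if __name__ == "__main__":
    for f in audit_zone(ZONE_RECORDS, ORIGIN_IP):
        tag = "ORIGIN EXPOSED" if f["exposes_origin"] else "not proxied"
        print(f"{f['host']:<22} {f['ip']:<15} {tag}")
```

Any hostname reported here should either be moved behind the proxy or served from a different address than the web origin.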

 

OVERVIEW OF ZERO TRUST:

When you talk about zero trust, there are a lot of factors that need to be looked at. We are talking about understanding the architecture of zero trust itself, the NIST framework and policy models, IAM (Identity and Access Management), network infrastructure, access controls, firewalls (are you shocked? Haha, yes, you have to look at firewall rules), VPNs (Virtual Private Networks), SaaS (Software as a Service), and data protection (data lifecycle & data consumption), and these are just a few.

You see, cybersecurity is vast when you are fully immersed technically, and not just by the books (theoretical knowledge alone doesn’t help).

While these are all things you need to understand, it is vital to have a structure for understanding these concepts.

Therefore we ask the question: what really is “Zero Trust”?

 

WHAT IS ZERO TRUST?

It is the process of designing and adapting a foundational concept of trust, and scaling it up to provide authorized, limited (within a time frame) access to resources at the right time.

Furthermore, it can be defined as a security framework which mandates that all users, whether inside the organization’s internal facility or at an external location, be authenticated, authorized, and constantly validated for security configuration and posture before being given access to the organization’s resources (applications, data, information, etc.).

From the perspective of various experts, zero trust operates on a “Never Trust, Always Verify” principle. This ensures that access is only granted based on a detailed set of criteria pertinent to risk. These criteria include who the user is (user identity), device health, geolocation (pinpointed from IP addresses), and the level of access applicable to that user (privilege).

While zero trust is quite complex, getting a clear understanding of what it implies, and its goal, enables you as a security expert to map the concept of granting trusted access to your organization’s data or resources, both internally and externally, when setting up zero trust.
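The criteria listed above (user identity, device health, geolocation, privilege) and the time-limited access from the definition, written as a default-deny decision function. This is an added example, not part of the original article or any vendor's product; the policy table, resource names and field names are hypothetical.

```python
from dataclasses import dataclass
from datetime import timedelta

# Constructed policy for illustration: resource -> requirements.
POLICY = {
    "payroll-db": {"min_privilege": 3, "allowed_countries": {"NG", "GB"}, "ttl_minutes": 15},
    "wiki": {"min_privilege": 1, "allowed_countries": {"NG", "GB", "US"}, "ttl_minutes": 60},
}


@dataclass
class Request:
    user: str
    authenticated: bool   # identity verified for this request
    device_healthy: bool  # result of the device health check
    country: str          # geolocation derived from the source IP address
    privilege: int        # privilege level assigned to the user
    resource: str


def decide(req, now, policy=POLICY):
    """Never trust, always verify: every criterion must pass, else deny.

    `now` is a timezone-aware datetime; a grant carries an expiry so the
    request has to be verified again once the time frame is over.
    """
    rule = policy.get(req.resource)
    if rule is None:
        return {"allow": False, "reasons": ["no policy for resource"], "expires": None}
    reasons = []
    if not req.authenticated:
        reasons.append("identity not verified")
    if not req.device_healthy:
        reasons.append("device failed health check")
    if req.country not in rule["allowed_countries"]:
        reasons.append("location not permitted")
    if req.privilege < rule["min_privilege"]:
        reasons.append("insufficient privilege")
    if reasons:
        return {"allow": False, "reasons": reasons, "expires": None}
    expires = now + timedelta(minutes=rule["ttl_minutes"])
    return {"allow": True, "reasons": [], "expires": expires}


def still_valid(grant, now):
    """A grant is honoured only before its expiry; after that, decide() runs again."""
    return grant["allow"] and now < grant["expires"]
```

A denied request returns every failed criterion, which is what you would log for later review.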

 

 

 
