Cloud Network Segmentation in Pursuit of Zero Trust

Explore cloud network segmentation in pursuit of zero trust architecture in this 15-minute conference talk from Conf42 Platform Engineering 2023. Delve into the history and principles of zero trust, understand network segmentation concepts, and learn about transit gateway (TGW) implementation. Discover key concepts such as hub and spoke models, TGW attachments, route tables, associations, and propagations. Examine network design considerations, including account isolation, route table management, and traffic inspection patterns. Gain insights into VPC details, TGW route tables, and associations for both spoke and inspection scenarios. Investigate application VPC routes and explore advanced design concepts, including environment type isolation. Enhance your understanding of cloud network security and zero trust implementation strategies through this comprehensive presentation.

intro
preamble
agenda
zero trust history
zero trust principles
network segmentation
transit gateway tgw
hub and spoke model
key concepts of transit gateway
transit gateway attachment
- route table
- association
- propagation
- route
network design
- isolation of accounts
- tgw route tables
- traffic inspection patterns
vpc details
transit gateway route tables
tgw association spoke
tgw routes spoke
tgw associations inspection
tgw routes inspection
application vpc routes
taking desing further
isolation at environment type
thank you