The following diagram illustrates this pattern:ĭownload a Visio file of this architecture. This document focuses on a common pattern for maximizing security, in which Azure Application Gateway acts before Azure Firewall Premium. A separate guide, Firewall and Application Gateway for virtual networks, describes design patterns that you can use to arrange the various appliances. In some situations, you can combine different types of network security appliances to increase protection. Next-generation firewalls can also look for generic threats.Web application firewalls look for patterns that indicate an attack at the web application layer.Typically, different types of network appliances inspect different aspects of network packets: In this layer, network appliances inspect packets to ensure that only legitimate traffic reaches applications. For the purpose of this article, a multilayered approach works best, where network security makes up one of the layers of the zero-trust model. Please read other zero-trust documents for more aspects of deploying your application securely, such as authentication. This article refers to the encryption and inspection component of a zero-trust architecture for traffic inbound from the public Internet.
The zero-trust paradigm includes many other concepts, such as constant verification of the identity of the actors or reducing the size of the implicit trust areas to a minimum. This guide outlines a strategy for implementing zero-trust security for web apps for inspection and encryption.
0 kommentar(er)
