After the highly sophisticated APT attack known as Operation Aurora in 2009, Google began an internal initiative to reimagine its security architecture with regard to how employees and devices access internal applications.
Unlike the traditional perimeter security model, BeyondCorp dispels the notion of network segmentation as the primary mechanism for protecting sensitive resources. Instead, all applications are deployed to the public Internet and are accessible only through a user- and device-centric authentication and authorization workflow.
The guiding principles set forth by Google help pave the path for other organizations to realize their own implementation of a Zero Trust network.
Google threw out tradition and reimagined what a security framework should look like to be truly effective in today's world of distributed teams, systems, and applications.
Connecting from a particular network must not determine which services you can access.
Access to services is granted based on what we know about you and your device.
All access to services must be authenticated, authorized and encrypted.
Google's architecture is made up of a number of coordinated components, which can serve as a reference for any organization looking to build a similar system of its own.
A system that continuously collects, processes, and publishes changes about the state of known devices.
A system that continuously analyzes and annotates device state to determine the maximum trust tier for accessing resources.
The applications, services, and infrastructure that are subject to access control by the system.
A centralized policy enforcement service that provides authorization decisions in real time.
A programmatic representation of the resources, trust tiers, and other predicates that must be satisfied for a request to be authorized.
SSH servers, web proxies, and 802.1x-enabled wireless networks that perform authorization actions.
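The following is an added illustration of how the principles and components above fit together in code; it is not Google's implementation. It models a device inventory snapshot, a trust inferer that maps device state to a trust tier, an access policy keyed by resource, and an access control engine that a gateway would consult. The tier rules, field names, sample users and sample devices are all constructed for this example. Note that the device's network is recorded for the audit log but deliberately plays no part in the decision, which is the first principle in practice.

```python
"""Toy BeyondCorp-style access control engine (added example, not Google's code).
All policy thresholds, field names and sample data are constructed assumptions."""
from dataclasses import dataclass
from enum import IntEnum
from typing import Dict, List


class TrustTier(IntEnum):
    """Trust tiers are ordered so a device may access anything at or below its tier."""
    UNTRUSTED = 0
    BASIC = 1
    TRUSTED = 2
    HIGH = 3


@dataclass
class DeviceState:
    """One record as published by the device inventory service (constructed fields)."""
    device_id: str
    managed: bool            # enrolled in device management
    disk_encrypted: bool
    os_patch_age_days: int   # days since the last OS patch was applied
    cert_valid: bool         # device certificate chains to the org CA and is unrevoked
    network: str             # logged for audit only; never consulted for the decision


def infer_trust(dev: DeviceState) -> TrustTier:
    """Trust inferer: annotate device state with the maximum tier it may reach.
    Thresholds here are illustrative assumptions, not Google's actual rules."""
    if not dev.cert_valid or not dev.managed:
        return TrustTier.UNTRUSTED
    if not dev.disk_encrypted:
        return TrustTier.BASIC
    if dev.os_patch_age_days > 30:
        return TrustTier.TRUSTED
    return TrustTier.HIGH


@dataclass
class Policy:
    """Access policy entry: predicates a request must satisfy for one resource."""
    min_tier: TrustTier
    allowed_groups: List[str]


@dataclass
class User:
    name: str
    groups: List[str]
    authenticated: bool      # result of the upstream SSO/MFA step


# Constructed policy: the HR app needs a fully compliant device, the wiki does not.
POLICIES: Dict[str, Policy] = {
    "hr-app": Policy(TrustTier.HIGH, ["hr", "admins"]),
    "wiki": Policy(TrustTier.BASIC, ["employees"]),
}


def authorize(user: User, dev: DeviceState, resource: str,
              policies: Dict[str, Policy], audit: List[str]) -> bool:
    """Access control engine: the real-time decision a gateway would enforce.
    Every decision is appended to `audit` so denials are visible to detection."""
    tier = infer_trust(dev)
    policy = policies.get(resource)
    if policy is None or not user.authenticated:
        allowed = False          # unknown resource or unauthenticated user: deny by default
    else:
        allowed = tier >= policy.min_tier and any(
            g in policy.allowed_groups for g in user.groups)
    audit.append(f"{'ALLOW' if allowed else 'DENY'} user={user.name} "
                 f"device={dev.device_id} tier={tier.name} "
                 f"network={dev.network} resource={resource}")
    return allowed


def demo() -> Dict[str, bool]:
    """Run two constructed requests showing that network location does not decide access."""
    audit: List[str] = []
    alice = User("alice", ["hr", "employees"], authenticated=True)
    # Device on the corporate LAN, but unencrypted: must NOT reach the HR app.
    corp_laptop = DeviceState("lt-001", True, False, 5, True, "corp-lan")
    # Fully compliant device on a coffee-shop Wi-Fi: allowed into the HR app.
    cafe_laptop = DeviceState("lt-002", True, True, 5, True, "public-wifi")
    results = {
        "corp_unencrypted_hr": authorize(alice, corp_laptop, "hr-app", POLICIES, audit),
        "corp_unencrypted_wiki": authorize(alice, corp_laptop, "wiki", POLICIES, audit),
        "cafe_compliant_hr": authorize(alice, cafe_laptop, "hr-app", POLICIES, audit),
        "cafe_unknown_resource": authorize(alice, cafe_laptop, "payroll-db", POLICIES, audit),
    }
    for line in audit:
        print(line)
    return results


if __name__ == "__main__":
    demo()
```

The deny-by-default branch for unknown resources and unauthenticated users mirrors the third principle: nothing is reachable unless it is explicitly authenticated and authorized, and the audit line per decision is what a detection team would feed into monitoring for unexpected denials or tier downgrades.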