FIRE your VPN and replace it with Zero Trust Access! (Twingate Tutorial)
Вставка
- Опубліковано 1 чер 2024
- You thought you were secure with just a VPN? Think again!
In this video I go over the concept of Zero Trust Access and how you can easily replace your VPN with this modern approach to secure remote access.
Get started with Twingate now (affiliate link):
www.twingate.com/?...
Thanks for watching and if you have any questions on my setup or why I think ZeroTrustAccess is superior to a VPN leave a comment down below.
0:00 Intro
0:48 What I use for Zero Trust Access
1:41 How Twingate works
3:35 Walkthrough of my setup
7:32 Adding a Resource
10:24 Dashboard Walkthrough (Users, Devices, Policies, Integrations)
14:33 How I access my Kubernetes applications using Twingate
#zerotrust #twingate #vpn - Наука та технологія
Please let me know if you have any questions on Twingate or Zero Trust Access in general!
Some articles that you may find helpful:
Zero Trust vs Traditional VPNs:
www.twingate.com/blog/zero-trust-vpn
Service Accounts - I wanted to cover more on this, these can be used so devices/servers/pipelines can access your protected resources.
www.twingate.com/docs/service-accounts-guide
IdPs - You can easily add friends/contractors etc. that are not in the same IdP as you
www.twingate.com/docs/identity-providers
I am so grateful watching your video.
Please, how could one switch over from one country to another country like in a VPN service?
Also, after establishing a connection on Twingate, do i need to use the installed browser on my device or does Twingate have an included browser?
The whole system hinges on the twingate controller, which is under twingate control. Sooo...you need to "trust" twingate, which is not very zero trust. Need to change that slogan.
You can think of it more like "Identity-First Networking" if you don't like the term. Zero Trust is more of "not trusting" the clients rather then not trusting infrastructure (such as your cloud provider, IdP etc.). IMO, as long as a ZTA solution meets the following criteria it can be considered Zero trust:
- Every request should be authenticated/authorized
- Users get access to the minimum resources necessary
- Everything that is accessed should be logged
- Authentication should be handled by a separate IdP
Twingate does all of this, so I am happy to refer to it as ZTA.
Thanks a lot for your explanation. It has closed some gaps in my understanding. OT: What prompt are you using?
Zsh + starship. I have a video on it here ua-cam.com/video/XBU_6OSlgyI/v-deo.html
@@DevOpsJourneythanks
how this compares to teleport?
IMO they are pretty different solutions. Teleport is something you setup for SSH access and it provides you a GUI for accessing those resources, no client necessary.
Twingate is more of an all encompassing solution for remote connectivity. You can actually use them together quite successfully. I have both setup in my lab. I use Twingate to remotely connect to my homelab and that gives me access to my Teleport container which gives me SSH access to my servers.
@@DevOpsJourney thanks! Do you have, or plan, a video on teleport, too?