Microsegmented Cloud Network Architecture Using Open-Source Tools for a Zero Trust Foundation

TL;DR

This paper proposes a multi-cloud, zero trust network architecture utilizing open-source tools to enhance security, flexibility, and independence across various cloud services and workloads.

Contribution

It introduces a novel multi-cloud network design based on zero trust and micro-segmentation principles using open-source tools, addressing security and operational challenges.

Findings

Enhanced security through micro-segmentation and zero trust principles

Flexible multi-cloud architecture supporting diverse workloads

Open-source tools enable vendor independence and agility

Abstract

This paper presents a multi-cloud networking architecture built on zero trust principles and micro-segmentation to provide secure connectivity with authentication, authorization, and encryption in transit. The proposed design includes the multi-cloud network to support a wide range of applications and workload use cases, compute resources including containers, virtual machines, and cloud-native services, including IaaS (Infrastructure as a Service (IaaS), PaaS (Platform as a service). Furthermore, open-source tools provide flexibility, agility, and independence from locking to one vendor technology. The paper provides a secure architecture with micro-segmentation and follows zero trust principles to solve multi-fold security and operational challenges.