Thank you for the thoughtful discussion today. The meeting minutes have been updated and can be found here: https://drive.google.com/drive/folders/1fc9g7vUEuDA3qLDLk-0xoH12e_ZHRkA8
NOTE: Module 3 has been updated with Daniele's suggested text and is highlighted in yellow. Please review the new unit 3.2 and the Dynamic Firewall section in 3.4.
The recording for this meeting and future meetings can be found in the Library of the ZTA SME Circle group, along with the agendas/ meeting minutes, and other relevant ZTA artifacts, such as the charter. The Circle group is invite-only, so if you do not have access to this group, please let us know ASAP and we can get that resolved.
All Modules for the ZTA Training as well as the ZTA Glossary can be found here: https://drive.google.com/drive/folders/1RRq8MTFh19NCxw8bf5FH8Qito31mEC3F?usp=sharing
As a reminder, small groups have started up again. Each of you should've already been assigned to one and invited via a calendar invite. If you did not receive a calendar invite or if you are not assigned to a team please let us know.Note: Team 1 and Team 3 were merged and Team 1 will join Team 3's call on Thursdays. There will be no Team 1 call on Tuesdays moving forward.
Team 2: Wednesday 2pm-3pm (PT): Module 4 - SDP Architectures and Implementation Approaches
Team 1/3: Thursday 8am-9am (PT): Module 3 - SDP Key Features and Technologies
3.1.1- The Shifting Perimeter Challenge
Leon was assigned to work on this section, break it into subsections, and give them names by 12/21.
Jake Kline will work on this section by 12/21.
Matthew Meersman, please address your analogy comments for this section by 12/21.
We need to continue the analogy to show how a bad actor defeats the security implementation.
Sentence 3 translates analogy to networking. Sentences 4 and 5 change to threat description.
22.214.171.124 Limitations of the "Connect First, Authenticate Second" Model
Matthew Meersman will continue work on this section by 12/21.
Also, please add text for the introduction of this section.
126.96.36.199.1- Access before Authentication
Matthew Meersman, please rewrite to include physical building analogy and stay at a consistent level.
188.8.131.52.2-184.108.40.206.3- Broad Network Connectivity & Exposure
Matthew Meersman, would you please review those sections for structure and make sure it defines the limitations, not the solutions, by 12/21.
220.127.116.11.4- Traditional Firewall Architecture Shortcomings
Matthew Meersman, would you please continue your work in this section by 12/21.
3.2- Hiding of Infrastructure
Michael Roza and Prasad were assigned to review this section
3.3- Mutual transport Layer Authentication
Heinrich was assigned to review this section by 12/21.
3.4- The Access Model Based on the Principles of Least Privilege and Need to Know
Michael Herndon was assigned to review this section by 12/21.
3.5.1-Access Management Monitoring and 3.5.2- Access Management Review
Jake Kline, please continue to work on those sections and add text by 12/21.
3.6- Identity & Access Management
IAM team= Henrich, Remo, and Micheal Herndon will work on this unit by 12/21.
They would start an email thread and would work on unit 3.6 and its sections 3.6.1-3.6.3
3.7- Separately Tunneled Layer Access