This is a decent writeup on applying “Zero Tust” principles to a home lab using mostly open source tools. I’m not the author, but thought it was worth sharing.
This is a decent writeup on applying “Zero Tust” principles to a home lab using mostly open source tools. I’m not the author, but thought it was worth sharing.
ZeroTrust is a specific type of network security where every network device has its access to other devices validated and controlled, not a statement on the trustworthiness of vendors.
Instead of every device on a LAN seeing every other, or even every device on a VLAN seeing other devices on a VLAN, each device can only connect with the other devices it needs to work, and those connections need to be encrypted.
That sounds awfully complicated for home use.
Yes and no. The auditing is likely the harder part. You can use something like tailscale or nebula vpn to get the always on vpn/ACLs. With a dozen or two devices, it should be doable at a home scale.
If you want clientless zerotrust then you’re talking heavier duty things like Palo alto gear and the like.