A small LAN Zero Trust network model based on Elastic Stack

Abstract

Recently, people have changed from using USB and other media to relying on network protocol for data transmission. However, for the sake of security, important confidential units still disable all networks and use USB to transmit files, which wastes a lot of human resources and personnel energy. This paper constructs a small Zero Trust network model based on Elastic Stack, aiming to try to solve the problem of no network availability for important confidential units, and provide a method for solving the hidden danger of leakage. This model uses fingerprint as the user login credentials, and maps all operations to people accurately. Beats components running on the computer can collect and audit information such as user operation records. The information will be sent to Elasticsearch(ES), which will also be monitored by Kibana analysis. Users will be recorded and alerted if they overstep their authority or violate the rules. The security concept and effect of Zero-Trust network are very consistent with the work requirements of important confidential units. This paper proposed that important confidential units should try to build a zero-trust network, and use the network to improve work efficiency while ensuring confidentiality.