Overview

What

Pomerium is an identity-aware access proxy. Pomerium can be used to:

  • enable secure remote access to internal websites, without a VPN.
  • provide unified authentication (SSO) using the identity provider of your choice.
  • enforce dynamic access policy based on context, identity, and device state.
  • aggregate access logs and telemetry data.

Why

Perimeter security's shortcomings

For years, secure remote access meant firewalls, network segmentation, and VPNs. However, several high-profile security breaches have shown the limitations of perimeter security, namely:

  • Perimeter security does a poor job of addressing the insider-threat and 28% percent of breaches are by internal actors.
  • The impenetrable fortress theory of perimeter security is anything but in practice; most corporate networks have multiple entry points, lots of firewall rules, and constant pressure to expand network segmentation boundaries.
  • Even defining "what" a perimeter is is difficult as corporate networks have come to consist of an increasingly heterogeneous mix of on-premise, public, and private clouds.
  • VPNs frustrate end-users, give a false sense of security, and often fail to provide defense-in-depth.

Or for the visually inclined.

NSA exploiting google's SSL termination

SSL added and removed here :^) - NSA

Zero-trust

Pomerium -- and zero-trust more broadly -- attempts to mitigate these shortcomings by adopting principles like:

  • Trust flows from identity, device-state, and context; not network location.
  • Treat both internal and external networks as completely untrusted.
  • Act like you are already breached, because you probably are.
  • Every device, user, and application's communication should be authenticated, authorized, and encrypted.
  • Access policy should be dynamic, and built from multiple sources.

Resources

Pomerium was designed around the security model originally articulated by John Kindervag in 2010, and by Google in 2011 which as a result of the Operation Aurora breach.

Typically this approach to security is called either zero-trust or BeyondCorp-inspired. Here's a curated list of resources covering th

Books

Papers

Posts

Videos