Role: Edge & Boundary

Purpose: Enforce the demarcation between the public internet and the private internal network to ensure secure traffic flow.

Responsibilities:

  • Govern inbound traffic policies from the public internet.
  • Enforce security policies for VPN-connected devices.
  • Implement routing, firewall, and network segmentation rules for the local network (LAN).
  • Prevent unauthorized access to, and indexing of, private services by external entities.

Guarantees:

  • Private services are not reachable from the public internet.
  • Traffic is strictly isolated according to defined boundaries and security levels.
  • The boundary remains resilient against common external scanning and discovery attempts.

Out of Scope:

  • Application-level authentication (handled by Identity & Access).
  • Service-to-service traffic encryption within the secure boundary.
  • Hardware maintenance of physical networking equipment.