2. Outbound web security pattern [Control Realization] ()
2. Outbound web security pattern [Control Realization]
The diagram reads bottom to top. Connections can be initiated from - a managed virtual desktop (on a trusted network) - a managed physical laptop (on a trusted network) - an internal application (on a trusted network) - a managed physical laptop (on an untrusted network) All connections always pass via an outbound zone where controls are enforced, and are only allowed to the remote location via HTTPS, which in turn is tunneled through a leased line, a VPN, or the public Internet.
Version0.1
Also known as<Not currently known>
IntentSecuring web access for collaborators that access resources on the public internet.
ApplicabilityApplicable to all connections initiated from company-managed devices.
Scope
Contributor(s)Kris Vercauteren, Michael Boeynaems, Roos Hubrechtsen
Conditions
Referenceshttps://www.opensecurityarchitecture.org/cms/library/patternlandscape/222-pattern-public-web-server
Dependencies
VariationsOWA Threat Model