
Friday, December 29, 2023

Azure Relay Bridge

Azure Relay Bridge is a simple command line tool for creating TCP, UDP, HTTP and Unix socket tunnels between any pair of hosts. It lets the two hosts traverse NATs and firewalls without a VPN, using only outbound HTTPS (443) Internet connectivity from either host. Neither host needs to run in Azure; the Azure Relay only brokers the connection between them.

Requirements for this tool - a Microsoft Azure subscription and an Azure Relay namespace.

Reference - https://github.com/Azure/azure-relay-bridge

Use-case - If you run a DB server somewhere in your on-premises DC that you need to reach from a cloud application, azbridge can make that database server securely reachable from the cloud application without any changes to your on-premises network, so long as azbridge, running on or near the DB server machine, can establish an outbound HTTPS/websocket connection to the Azure Relay namespace.

On the DB server (on-premises), the bridge is bound in the reverse direction, mapping "db" to the local TCP port 16161 as a client connecting to the database, using the -T option. All traffic through the bridge is forwarded end-to-end.
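Before starting the bridge on the on-premises side, a practitioner would want to confirm the two prerequisites named above (a valid Azure Relay namespace connection string and outbound TCP/443 to that namespace), and to treat the SAS key inside the connection string as a secret. The POSIX shell script below is an added example written for this page; it is not code from the azure-relay-bridge project. It assumes a hypothetical AZBRIDGE_CONNSTR environment variable carries the connection string (so the key never appears on a command line), and it uses a constructed sample connection string whose key is a placeholder. The RootManageSharedAccessKey check reflects Azure Relay's Listen/Send/Manage rights model: the server side of the bridge only needs Listen and the client side only needs Send.

```shell
#!/bin/sh
# Added example for this page (not part of the azure-relay-bridge project).
# Pre-flight checks before starting azbridge on the DB-server side of the tunnel.
# Assumption (hypothetical): the operator exports AZBRIDGE_CONNSTR instead of
# passing the connection string as a command-line argument, so the SharedAccessKey
# is not exposed in `ps` output or shell history.

# Constructed sample connection string in the real Azure Relay format; the key is a placeholder.
SAMPLE_CONNSTR='Endpoint=sb://example-ns.servicebus.windows.net/;SharedAccessKeyName=RootManageSharedAccessKey;SharedAccessKey=CONSTRUCTED_PLACEHOLDER_KEY'

# Extract the relay namespace host from the Endpoint=sb://<host>/ component.
relay_host_from_connstr() {
    printf '%s' "$1" | tr ';' '\n' | sed -n 's#^Endpoint=sb://\([^/]*\).*#\1#p'
}

# Extract the SAS policy name the bridge will authenticate with.
sas_policy_from_connstr() {
    printf '%s' "$1" | tr ';' '\n' | sed -n 's/^SharedAccessKeyName=//p'
}

# Exit status 0 when the namespace-wide root policy is in use. azbridge only needs
# Listen rights on the server side and Send rights on the client side, so a
# per-hybrid-connection policy with just that right is the least-privilege choice.
policy_is_root() {
    [ "$(sas_policy_from_connstr "$1")" = "RootManageSharedAccessKey" ]
}

# Mask the key so the connection string can be logged safely.
# "SharedAccessKey=" does not match "SharedAccessKeyName=", so the policy name stays visible.
redact_connstr() {
    printf '%s' "$1" | sed 's/SharedAccessKey=[^;]*/SharedAccessKey=***/'
}

# azbridge needs nothing but outbound TCP/443 to the relay host; probe exactly that.
check_outbound_443() {
    if command -v nc >/dev/null 2>&1; then
        nc -z -w 5 "$1" 443 >/dev/null 2>&1
    else
        # fallback using bash's /dev/tcp pseudo-device when netcat is absent
        bash -c "exec 3<>/dev/tcp/$1/443" >/dev/null 2>&1
    fi
}

preflight() {
    cs="$1"
    host=$(relay_host_from_connstr "$cs")
    if [ -z "$host" ]; then
        echo "preflight: no Endpoint=sb://... found in connection string" >&2
        return 1
    fi
    echo "preflight: using $(redact_connstr "$cs")"
    if policy_is_root "$cs"; then
        echo "preflight: WARNING root namespace policy in use; prefer a Listen-only (server) or Send-only (client) policy" >&2
    fi
    if check_outbound_443 "$host"; then
        echo "preflight: outbound TCP/443 to $host reachable"
    else
        echo "preflight: outbound TCP/443 to $host blocked; the bridge cannot connect" >&2
        return 1
    fi
}

# Run the checks only when the operator has provided a real connection string.
if [ -n "${AZBRIDGE_CONNSTR:-}" ]; then
    preflight "$AZBRIDGE_CONNSTR"
fi
```

Run it with `AZBRIDGE_CONNSTR='Endpoint=sb://...' sh preflight.sh` on the host that will run azbridge; a blocked 443 or a root policy is reported before the bridge is ever started, and the logged connection string never contains the key.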

More details can be found here - https://github.com/Azure/azure-relay-bridge

Further reading in the project README - hostnames and addresses, multiplexing, the HTTP scenario and the Kubernetes (K8s) scenario.

https://learn.microsoft.com/en-us/azure/azure-relay/relay-what-is-it

Systems of Record and Systems of Engagement and the Zero Trust Context

Systems of Record

  1. Purpose:
    • Focus: Systems of record are primarily designed for data storage, management, and authoritative record-keeping. They serve as the official, centralized sources of truth for specific types of data within an organization.
  2. Data Characteristics:
    • Structured Data: These systems typically handle structured and well-defined data, such as databases containing transactional or operational information.
  3. Examples:
    • Enterprise Resource Planning (ERP) Systems: Manage core business processes and transactions.
    • Customer Relationship Management (CRM) Systems: Store and organize customer-related data.
    • Database Management Systems (DBMS): Handle structured data storage and retrieval.
  4. Use Cases:
    • Back-Office Operations: Systems of record are commonly used for back-office operations, where accurate and reliable data storage is critical for business processes.

Systems of Engagement

  1. Purpose:
    • Focus: Systems of engagement are designed to facilitate interactions and collaboration between users, whether they are employees, customers, or other stakeholders. They emphasize user experience and interaction.
  2. Data Characteristics:
    • Unstructured and Semi-Structured Data: These systems often deal with unstructured or semi-structured data, including content, communications, and social interactions.
  3. Examples:
    • Social Media Platforms: Facilitate interactions and engagement between users.
    • Collaboration Tools: Enable teamwork and communication within an organization.
    • Customer-Facing Apps: Provide platforms for customers to interact with the organization.
  4. Use Cases:
    • Customer Interaction: Systems of engagement are crucial for customer-facing interactions, providing platforms for customer support, feedback, and communication.
    • Collaborative Work: Used for collaborative work environments, allowing teams to communicate and work together effectively.

Zero Trust Perspective

While the Zero Trust pillars (identities, devices, data, workloads, networks, telemetry and analytics, automation and orchestration) are not strictly categorized into systems of record or systems of engagement, some aspects of the Zero Trust model can be associated with each type of system within an organization:

Systems of Record:

  1. Identities:
    • Identities are crucial for systems of record, especially in environments where structured data is stored. Identity verification ensures that only authorized individuals have access to sensitive records.
  2. Devices:
    • The security of devices is essential in systems of record to prevent unauthorized access to structured data. Access from trusted and secure devices is a key consideration.
  3. Data:
    • The Data pillar is inherently tied to systems of record. Structured and sensitive data, such as customer records or financial transactions, are central to these systems.
  4. Workloads:
    • Workloads associated with handling structured data, such as database servers and transaction processing, are critical components of systems of record.

Systems of Engagement:

  1. Identities:
    • Identity verification is equally important in systems of engagement, where users interact with applications and collaborative tools. It ensures secure access to engagement platforms.
  2. Devices:
    • Device security is crucial in systems of engagement to prevent compromised devices from accessing interactive platforms, applications, and collaborative tools.
  3. Data:
    • While systems of engagement may not store structured data directly, they often involve the manipulation of and interaction with data. Protecting data integrity and access control is key.
  4. Workloads:
    • Workloads associated with interactive applications and collaborative tools are essential components of systems of engagement. Ensuring secure and dynamic access to these workloads is critical.
  5. Networks:
    • Networks play a significant role in systems of engagement to facilitate communication and interactions. Ensuring secure communication channels is crucial for user engagement platforms.
  6. Telemetry and Analytics:
    • Telemetry and analytics are vital in systems of engagement for monitoring user behavior, detecting anomalies, and adapting security measures dynamically based on engagement data.
  7. Automation and Orchestration:
    • Automation and orchestration are often applied in systems of engagement to streamline processes, manage access requests, and respond rapidly to changing engagement scenarios.