Level 4 with one computer (Privileged Access Workstation) #12
Comments
@C0FFEEC0FFEE interesting.
@C0FFEEC0FFEE Do you have experience using this technology if so?
Yes
@C0FFEEC0FFEE what if an attacker takes over the Guarded host after PAW was started, what prevents him from using the PAW virtual machine?
I did not have time to read the article you linked. In my case I put the untrusted workload (e-mail, browsing the web, office work) into a VM running on the PAW with a vNIC bridged onto the physical NIC. The PAW itself has an always-on VPN connection into the data centre. In this case the only attack vector would be to break out of the hypervisor, which is the tradeoff to using two physical devices. The OS on the PAW is hardened and watched closely by EDR.
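The single-device layout described in the comment above (untrusted workload in a guest VM whose vNIC is bridged onto the physical NIC, with the host keeping its own VPN tunnel into the data centre) expressed as a Hyper-V configuration, followed by a check that the guest only sits on that external switch and that the host VPN is up. This is an added example, not code from the issue thread or from the project; it assumes Windows with the Hyper-V role installed, and the NIC name "Ethernet", the VPN profile name "DC-VPN" and the VHDX path are placeholders to be replaced with the real values.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the issue thread. Assumptions: Hyper-V role present,
# a single physical NIC named "Ethernet" (placeholder), an existing always-on
# VPN profile "DC-VPN" on the host (placeholder), and a prepared guest disk
# image at $VhdPath (placeholder).

$PhysicalNic = "Ethernet"               # placeholder: the PAW's physical NIC
$SwitchName  = "Untrusted-External"
$VmName      = "Untrusted-Workload"
$VhdPath     = "C:\VMs\untrusted.vhdx"  # placeholder: guest disk image
$VpnProfile  = "DC-VPN"                 # placeholder: host always-on VPN profile

# 1. External switch bound to the physical NIC. AllowManagementOS stays $true
#    because the PAW has one NIC and still needs it for its own VPN tunnel.
if (-not (Get-VMSwitch -Name $SwitchName -ErrorAction SilentlyContinue)) {
    New-VMSwitch -Name $SwitchName -NetAdapterName $PhysicalNic -AllowManagementOS $true | Out-Null
}

# 2. Generation 2 guest with Secure Boot, attached only to the external switch.
if (-not (Get-VM -Name $VmName -ErrorAction SilentlyContinue)) {
    New-VM -Name $VmName -Generation 2 -MemoryStartupBytes 4GB -VHDPath $VhdPath -SwitchName $SwitchName | Out-Null
    Set-VMFirmware -VMName $VmName -EnableSecureBoot On
    Set-VMProcessor -VMName $VmName -Count 2
}

# 3. Reduce the guest-to-host surface: no MAC spoofing from the guest, no guest
#    file-copy channel, no enhanced-session clipboard/drive redirection on the
#    host, and no automatic checkpoints that would preserve a compromised state.
Get-VMNetworkAdapter -VMName $VmName | Set-VMNetworkAdapter -MacAddressSpoofing Off
Disable-VMIntegrationService -VMName $VmName -Name "Guest Service Interface"
Set-VMHost -EnableEnhancedSessionMode $false
Set-VM -Name $VmName -AutomaticCheckpointsEnabled $false

# 4. Check: the untrusted guest has no adapter on any switch other than the
#    external one, and the host's VPN into the data centre is connected.
function Test-PawLayout {
    $adapters     = Get-VMNetworkAdapter -VMName $VmName
    $onlyExternal = @($adapters | Where-Object { $_.SwitchName -ne $SwitchName }).Count -eq 0
    $vpn          = Get-VpnConnection -Name $VpnProfile -ErrorAction SilentlyContinue
    $vpnUp        = ($null -ne $vpn) -and ($vpn.ConnectionStatus -eq "Connected")
    [pscustomobject]@{
        GuestOnExternalSwitchOnly = $onlyExternal
        HostVpnConnected          = [bool]$vpnUp
    }
}

Test-PawLayout
```

The guest still shares the physical NIC with the host, so the check only confirms that the guest is not additionally attached to an internal or private switch that would give it a direct path to the host; as the comment says, the remaining risk is a hypervisor escape, which a two-device setup removes at the cost of a second machine.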
That would not pass Australian IRAP; you would need 2 physically separate hosts if you were to have separation.
Level four can be achieved with only one physical computer on your desktop. One can use virtual machines and call it a Privileged Access Workstation: https://techcommunity.microsoft.com/t5/data-center-security/privileged-access-workstation-paw/ba-p/372274
It hurts a little less than two physical computers. ;)