Editor's note

since this year on , Microsoft is frequently concerned by domestic network security practitioners . The three things that caused the most discussion ：

1、2021 year 1 month , Microsoft CEO Announce that Microsoft is 2020 The revenue of security business reached 100 Billion dollars , The annual growth rate exceeds 40%. For a while , The safety industry is hotly debated “ It turns out that Microsoft is the largest network security manufacturer in the world ”！

2、2021 year 6 month 25 Japan , Microsoft officially released Windows 11, Specifically mentioned Windows 11 Provides a “ Zero trust security protection mode ” Operating system of , To protect data and cross device access .

3、2021 year 7 month 14 Japan , Microsoft officially released Windows 365, Again Windows 365 service follow “ Zero trust ” principle , Ensure safety from the design source .

What inspiration has Microsoft Security, which frequently swipes the screen in the network security circle, given to domestic manufacturers ？ This release Windows 365 What is the impact on the zero trust market ？

Industrial safety in this period TALK Share an article from “ Zero trust industry standards working group ” Analysis of , Analyze Microsoft's actions from another angle .

author ： Huang Chao

edit ： jar

The original title ：《 Microsoft released Windows 365 Because of zero trust ,“ Native ” The era of zero trust accelerates 》

Microsoft Windows365 I brushed the screen these two days , I also saw that everyone in my circle of friends was very excited ,“ With Win365 There is no need for other zero trust products ”、“ Microsoft has come up with a subversive zero trust solution ”、“ A new zero trust game was born ”…… No one seems to care too much Win365 Its own function , I'm right Win365 Full of interest with the concept of zero trust .

First, extract the official introduction of Microsoft ：

Everyone's reaction , I am also very excited and filled with emotion . What excites me is that Microsoft is an international IT Giants are also actively embracing and practicing zero trust , Even at the time of product release, the concept of zero trust is used to spread , It shows that zero trust has become a new security concept in the industry 、 New trend of thought 、 New trends ; What I feel is ,Win365 Release , It also shows that major manufacturers have begun to develop their own products 、 The concept and principle of zero trust are considered and applied in the design and R & D process of the service , Predictably, , Various products in the follow-up market will “ Native ” Integrate zero trust , This will make a great contribution to the further popularization of zero trust and the improvement of the overall security level of the industry .—— Microsoft official

Win365 It is essentially a cloud computer

Win365 Essentially, Cloud PC（ Cloud computer ）, Provide users with a complete cloud PC Experience , Support Windows 10 And Windows 11（ Microsoft's own, of course OS）, The advantages are the same as other cloud computing products , Allow user device login , Give Way IT Personnel can expand or reduce capacity as required 、 simplify PC Deployment of 、 Update and management .

Cloud computing is not a new product ,2018 Nian Huawei launched cloud computing , Support Huawei M5 Flat 、P20、Mate 10 and Mate RS Wait for your mobile phone to access the cloud PC,2019 year Valve Game companies have launched Steam Link, Can stream Steam Game library to Android and iOS equipment , Including mobile phone 、 Flat panel and TV, etc ,2020 year 9 In June, Alibaba cloud launched “ No shadow ” Cloud computer 、2020 year 11 In June, baidu launched cloud mobile phones and so on . Each family has its own characteristics , Provide cloud terminal （ The computer 、 Flat 、 mobile phone ） System hosting services , Support different OS Running in the cloud , Users can access the cloud with computing power without strong end-to-end devices PC Services and data .

Why should Microsoft use the concept of zero trust ？

Back to zero trust , Why does Microsoft use the concept of zero trust to design this time Win365. It is necessary to review the original intention and goal of zero trust , Provide end-to-end security protection capability , The core is to protect data and service security . One of the principles of zero trust is to converge the attack surface as much as possible .Win365 Data on the user terminal side , Through the mode of cloud computer , Stored in the cloud , As little as possible in the user terminal , So as to reduce the data leakage or damage caused by malicious attack on the terminal . Cloud computing mode , Naturally, it can reduce the exposure of data on the terminal , It is directly consistent with the concept of zero trust .

But terminal data is stored in the cloud , Can you solve all the security risks , Obviously, it is impossible . That is, the cloud computer is used , Users still need to access cloud resources through a terminal , Verification of user identity 、 Verification of user equipment identity 、 Security evaluation of user equipment 、 Security encryption of user access request message, etc , Under the concept of zero trust , No less .

I think of an idea of zero trust data protection on the terminal side , Apply sandbox , Use sandbox to isolate... On the terminal APP And data , Make the attack surface on the terminal side converge as much as possible （ Even if some APP A breach of , It won't affect anything else APP And data ）, It is also similar to the data protection objectives of cloud computers . And cloud computers can still use sandboxes to protect themselves in the cloud , Achieve a higher level of attack surface convergence .

Win365 It is not a panacea for zero trust

Win365 It is not zero trust “ A panacea ”, Nor is it cloud computing “ Ultimate form ”, But Microsoft uses zero trust to design and implement its own products , It is bound to attach importance to zero trust for other manufacturers 、“ Native ” The integration of zero trust brings demonstration effect . I am also looking forward to more products providing native zero trust security capabilities , So since , When users use the concept of zero trust to design the network security architecture , It can better adapt and coordinate with the overall zero trust solution provided by security manufacturers , So as to lay a better foundation for users to comprehensively practice zero trust .

The above views only represent the experts of the zero trust industry standards working group , Welcome to exchange ！