李军,胡效赫
(清华大学,中国 北京 100084)
摘要:随着网络规模持续增加、应用日益复杂以及动态性不断增强,网络自动化的需求愈发迫切。网络转发呈现零触碰的趋势,以实现策略编排的自动化为目标。网络安全呈现零信任的趋势,以实现身份访问的自动化为目标。从基本理念、核心组成以及工业实践的角度对零触碰和零信任进行分析,阐述网络自动化的必要性与发展情形。
关键词:网络自动化;网络转发;零触碰;网络安全;零信任
Zero Touch and Zero Trust
LI Jun, HU Xiaohe
(Tsinghua University, Beijing 100084, China)
Abstract: With the increasing scale of networks, complexity of applications, and dynamics of scenarios, there has been an urgent demand of network automation. Network forwarding is becoming zero touch, automating the policy orchestration. Network security is becoming zero trust, automating the identity and access management. Zero touch and zero trust networks are analyzed in three aspects, i.e., basic concept, core components, and industrial practice, and the necessity and development of network automation are described.
Keywords: network automation; network forwarding; zero touch; network security; zero trust