I am new to Zero Trust and wanted to know if how easy will it be to disable/bypass the zero trust in case of Zero Trust Network Failure . Can we whitelist users to bypass on demand or what would be the backup plan for assessing the risk feature of zero trust network down case.
@zach Could you please address this issue , thanks
Typically the internal service will be on a private network behind the Pritunl Zero server. There are multiple ways to prevent access to that internal service outside of Pritunl Zero. The internal service can be run on an isolated private network along with the Pritunl Zero server. A firewall can allow access to the internal service only from the Pritunl Zero server. The highest level of security is done with a client certificate. This requires support from the web server running the internal service. The client certificate documentation has more information on configuring this.
For high availability a MongoDB replica set can be configured and multiple Pritunl Zero servers can be configured. Then an external load balancer can be configured to load balance the Pritunl Zero servers.