https://blog.mishraji.org/tags/zero-trust-network-access/ Recent content in Zero-Trust-Network-Access on mishraJi Hugo en-us Mon, 09 Mar 2026 00:00:00 +0000 https://blog.mishraji.org/posts/cloudflare-ztna-part-2/ Mon, 09 Mar 2026 00:00:00 +0000 https://blog.mishraji.org/posts/cloudflare-ztna-part-2/ <p>In <a href="https://blog.mishraji.org/posts/cloudflare-ztna-part-1/">Part 1</a>, we enabled TLS inspection to get HTTP policies working against HTTPS traffic — that&rsquo;s how we blocked social media sites on port 443. We got it working, but I didn&rsquo;t really explain <em>what</em> TLS inspection is actually doing under the hood. Let&rsquo;s fix that.</p> <p>TLS inspection is essentially a sanctioned man-in-the-middle. When your device initiates an HTTPS connection, Cloudflare Gateway intercepts it, terminates the TLS session, decrypts the traffic, inspects it, and re-encrypts before forwarding to the destination. Same thing in reverse on the way back. The Cloudflare root CA certificate we installed on the client device is what makes this work without your browser throwing certificate errors on every page.</p> https://blog.mishraji.org/posts/cloudflare-ztna-part-1/ Thu, 05 Mar 2026 00:00:00 +0000 https://blog.mishraji.org/posts/cloudflare-ztna-part-1/ <h2 id="introduction">Introduction</h2> <p>This is Part 1 of the 4-part Cloudflare Zero Trust series. In Part 0 we set up the Cloudflare One Client and tested a successful ZTNA connectivity. If you have not read that yet, I would recommend starting there before following along here.</p> <p>In this post we are looking at <strong>web filtering</strong> — what it is and how to configure it using Cloudflare Zero Trust.</p> <hr> <h3 id="what-is-web-filtering-and-why-is-it-required">What is Web Filtering and Why is it Required?</h3> <p>Web filtering controls what a user can or cannot access on the internet. The reasons for doing it depend on who you are.</p> https://blog.mishraji.org/posts/cloudflare-ztna-part-0/ Tue, 03 Mar 2026 00:00:00 +0000 https://blog.mishraji.org/posts/cloudflare-ztna-part-0/ <h2 id="introduction">Introduction</h2> <p>If you have been working in IT or security for a while, you have probably heard the term <strong>Zero Trust</strong> thrown around a lot. But what does it actually mean in practice?</p> <p>Traditional network security worked on a simple assumption — if you are inside the network, you are trusted. VPNs were the go-to solution. You connect to the VPN, and suddenly you are <em>&ldquo;on the network&rdquo;</em> with access to everything. The problem? Once an attacker gets in — through a compromised credential, a phishing attack, or a misconfigured endpoint — they can move laterally across the entire network with very little resistance. Trust was implicit, and that was the fundamental flaw.</p>