Free PBQ Demo · Advanced

Topology · Zero-Trust Architecture

Replace flat perimeter trust with identity-driven micro-segmentation — IdP, policy engine, conditional access, continuous verification.

Tests: Zero-trust principles, IdP integration, policy decision/enforcement, device posture — Security+ Domain 3.

~10 minNo signup needed

Scenario

Move from perimeter VPN to zero-trust — IdP, policy engine, posture, continuous verification.

Wire the IdP, policy decision point, and resources so every request is identity-verified, posture-checked, and re-evaluated continuously.

Network Topology — Live View

monitoring

InfectedAlertConfiguredclick any hostto configure

Identity Provider

IdP / SSO

Authentication

Require MFA on every authentication

Allow passwordless (FIDO2 / passkey)

SSO session lifetime:

1 hour (high security)8 hours (workday)30 days (convenient, weak)

Tasks

0 settings configured

Liked this PBQ? There are 80+ more inside.