In our first blog on ideal network security perimeter design, we looked at how to harden and configure your network and how to understand what outsiders can see. In part 2 we’ll examine the numerous layers in a sound network security perimeter design and how to enable access for authorized personnel.
No matter how hard you try to stop an adversary, one is going to slip past your well-planned network defenses. Within the perimeter there are tools that can help us proactively block these threats if they’re found (this doesn’t mean they’ll catch all of them, but that’s why we have layers). Let’s take a look at these tools and where they are layered in:
Together these systems will help limit the risk and likelihood of an attacker walking through the front gate, but we can’t let our guard down just because we have them. Having these tools in place is one thing, but having the staff and policy to manage them is another. An important component of a truly secure architecture is having the right staff with the right expertise in place to manage it, from the personnel who configure the systems to those who monitor the systems’ output for security-related events. It’s a test of your architecture and team to tune everything if/when something gets through.
Accessing it Securely
In the first blog, we used the analogy of the network being like a medieval castle. Just like a castle with its walls, our network needs an entrance from the outside. There are times when we need to open the drawbridge and allow only approved people into our kingdom.
So just like the men of old protecting their homelands from foreign attackers, we in information security are protecting our company’s data from hackers across the globe. Lucky for us, these problems have already been solved once in the physical realm, and it’s up to us to apply the same techniques to the cyber realm. Next up, we’ll examine how to set up a DMZ.