PERIMETER SECURITY PROTECTING THE BOUNDARIES OF YOUR INFORMATION SECURITY SYSTEM.
-
Upload
nathaniel-melton -
Category
Documents
-
view
213 -
download
0
Transcript of PERIMETER SECURITY PROTECTING THE BOUNDARIES OF YOUR INFORMATION SECURITY SYSTEM.
PERIMETER SECURITYPROTECTING THE BOUNDARIES OF YOUR INFORMATION SECURITY SYSTEM
EQUIPMENT REDUNDANCY
THIS IS THE USE OF MULTIPLE COPIES OF IT INFRASTRUCTURE
THE IT RESOURCES IN USE SHOULD BE LOCATED AT DIFFERENT PLACES
ALLOWS FOR DISASTER RECOVERY IN CASE THERE IS EQUIPMENT FAILURE/DAMAGE
ENSURES MAXIMUM UPTIME
ACCESS CONTROL LIST FILTERS
CONFIGURED AT A NUMBER OF DIFFERENT LOCATIONS
MAINLY USED ON FIREWALLS
SUPPORTED BY SOME ROUTERS AND SWITCHES
DEFINE THE NETWORK RESOURCES THAT ARE ACCESSIBLE TO A USER
PRINCIPLE OF LEAST PRIVILEGE SHOULD BE EMPLOYED
BORDER ROUTERS
THESE ARE ROUTERS LOCATED AT THE LOGICAL EDGES IN THE NETWORK DESIGN LAYOUT
THEY ACT AS THE INTERFACE OF THE NETWORK TO THE OUTSIDE WORLD
EXPOSED TO A LOT OF RISK, MUST BE PROTECTED
PROXY FILTERS
THESE ARE SERVERS THROUGH WHICH LAN USERS ACCESS THE INTERNET
CAN BE CONFIGURED WITH ACCESS LISTS
RESTRICT UNAUTHORIZED USERS FROM ACCESSING THE WEBSITE
ONLY THE PROXY SERVER IS DIRECTLY EXPOSED TO THE INTERNET, MINIMIZING THE AREA OF EXPOSURE
DEMILITARIZED ZONES THESE ARE SECURE ZONES ESTABLISHED WITHIN A BIGGER
NETWORK
ESTABLISHED BETWEEN THE INTERNET AND THE OUTWARD-FACING DEVICES E.G. SERVERS
ADDS AN ADDITIONAL LAYER OF SECURITY TO THE SYSTEM
REDUCES AREA OF EXPOSURE
REFERENCESNorthcutt, S., Zeltser, L., Winters, S., Kent, K., & Ritchey, R. W. (2005). Inside Network Perimeter Security (Inside). Sams.