PERIMETER SECURITYPROTECTING THE BOUNDARIES OF YOUR INFORMATION SECURITY SYSTEM

EQUIPMENT REDUNDANCY

THIS IS THE USE OF MULTIPLE COPIES OF IT INFRASTRUCTURE

THE IT RESOURCES IN USE SHOULD BE LOCATED AT DIFFERENT PLACES

ALLOWS FOR DISASTER RECOVERY IN CASE THERE IS EQUIPMENT FAILURE/DAMAGE

ENSURES MAXIMUM UPTIME

ACCESS CONTROL LIST FILTERS

CONFIGURED AT A NUMBER OF DIFFERENT LOCATIONS

MAINLY USED ON FIREWALLS

SUPPORTED BY SOME ROUTERS AND SWITCHES

DEFINE THE NETWORK RESOURCES THAT ARE ACCESSIBLE TO A USER

PRINCIPLE OF LEAST PRIVILEGE SHOULD BE EMPLOYED

BORDER ROUTERS

THESE ARE ROUTERS LOCATED AT THE LOGICAL EDGES IN THE NETWORK DESIGN LAYOUT

THEY ACT AS THE INTERFACE OF THE NETWORK TO THE OUTSIDE WORLD

EXPOSED TO A LOT OF RISK, MUST BE PROTECTED

PROXY FILTERS

THESE ARE SERVERS THROUGH WHICH LAN USERS ACCESS THE INTERNET

CAN BE CONFIGURED WITH ACCESS LISTS

RESTRICT UNAUTHORIZED USERS FROM ACCESSING THE WEBSITE

ONLY THE PROXY SERVER IS DIRECTLY EXPOSED TO THE INTERNET, MINIMIZING THE AREA OF EXPOSURE

DEMILITARIZED ZONES THESE ARE SECURE ZONES ESTABLISHED WITHIN A BIGGER

NETWORK

ESTABLISHED BETWEEN THE INTERNET AND THE OUTWARD-FACING DEVICES E.G. SERVERS

ADDS AN ADDITIONAL LAYER OF SECURITY TO THE SYSTEM

REDUCES AREA OF EXPOSURE

REFERENCESNorthcutt, S., Zeltser, L., Winters, S., Kent, K., & Ritchey, R. W. (2005). Inside Network Perimeter Security (Inside). Sams.