What is layered defense approach to network security?
A layered defense uses multiple approaches to security enforcement at multiple areas within a network. This approach removes single points of security failure in order to secure enterprise information assets. A common example to security enforcement would consist of the following:
- Endpoint security to ensure valid identity and security policy compliance of the connected device
- Secure communications to ensure that information is protected from unauthorized discovery over the network
- Perimeter security to keep the "bad stuff" out by securing the boundaries between zones of different levels of trust
- Core network security to keep an eye on any malicious software and traffic anomalies by enforcing network policy and enabling survivability
For more information:View this tip series, "OSI -- securing the stack," by security expert and author Michael Gregg, based on his book, Hack the Stack.
This was first published in August 2007