What is layered defense approach to network security?
A layered defense uses multiple approaches to security enforcement at multiple areas within a network. This approach removes single points of security failure in order to secure enterprise information assets. A common example to security enforcement would consist of the following:
- Endpoint security to ensure valid identity and security policy compliance of the connected device
- Secure communications to ensure that information is protected from unauthorized discovery over the network
- Perimeter security to keep the "bad stuff" out by securing the boundaries between zones of different levels of trust
- Core network security to keep an eye on any malicious software and traffic anomalies by enforcing network policy and enabling survivability
For more information:
View this tip series, "OSI -- securing the stack," by security expert and author Michael Gregg, based on his book, Hack the Stack.
Dig Deeper on Network Security Best Practices and Products
Related Q&A from Puneet Mehta
Find out if there's a difference between a virtual private network (VPN) concentrator and a network access server (NAS) in this explanation from our ... Continue Reading
Our network security expert explains how to keep unauthorized users from accessing your router's IP address for Internet access in this advice ... Continue Reading
If you've used MAC address restriction to control your network access on your wireless router, can you extend this to your wired network? Our ... Continue Reading