What security measures are recommended for each level of the TCP/IP model?

Find out where to put security measures and what options are available in the TCP/IP model in this expert response from Michael Gregg.

Superior Solutions, Inc.

What would you recommend for security at each level of the TCP/IP model?

Well I don't know that I would recommend security at each level of TCP/IP but I would say that security can be layered in at more than one.

One of the key concepts of security is defense in depth, and as such we should be trying to layer security. At the lower levels you may implement WEP, WPA, 802.1x or even EAP. Higher up at the IP layer we have IPSec. While it's just an add-on to IPv4 it is built in to IPv6. Tunnel and transport mode are two potential options.

Moving up to higher layers there are protocols such as Secure Sockets Layer (SSL) and Transport Layer Security (TLS.) At the top, or application layer, there are choices here such as PGP instead of clear text mail, SSH/SFTP as a replacement for FTP or even protocols such as DNS Secure.

This was last published in July 2008

Dig Deeper on Network Security Best Practices and Products

All
News
Get Started
Evaluate
Manage
Problem Solve

Related Q&A from Michael Gregg

Expert tips to solve port 3389 issues when end users gets blocked

Enterprise security expert, Michael Gregg answers a question regarding port 3389 issues when a user tries to open port 3389 RDP on their router to ... Continue Reading

Disadvantages to a layered approach

Security expert Michael Gregg discusses the disadvantages to a layered approach to enterprise security. Continue Reading

Network security with foreign network cards

Security expert Michael Gregg fields a question about unknown network cards gaining access to a user's network. Continue Reading

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

Meet all of our Networking experts

View all Networking questions and answers

SearchUnifiedCommunications

Slack resets passwords possibly compromised in 2015 hack

Slack has reset passwords for 1% of users after uncovering new information regarding a 2015 hack of its systems.

Private channels slated to launch in Microsoft Teams this fall

Private channels are scheduled to launch in Microsoft Teams this fall. The feature is the most demanded by far on the Teams user ...

Stand-alone vs. integrated collaboration: 3 factors to consider

Moving from legacy communications is no small task. Three factors must be considered to ensure successful adoption of new ...

SearchMobileComputing

Pros and cons of smartphone sensor data analysis

With the help of smartphone sensor data, IT can learn about its users' behaviors and improve operations and workflows, but ...

Identity management strategy starts with people, not technology

Organizations have the tough job of creating an overarching view of identity inside and out of the company. One thing they should...

How mobile threat defense integrates with and improves UEM

Though many organizations have either UEM or EMM, mobile threat defense tools aren't as widely adopted. IT can improve mobile ...

SearchDataCenter

3 ways to benefit from open source infrastructure

Using open source infrastructure can reduce operating costs and streamline upgrades, but it's important to weigh the pros and ...

IBM mainframes face competitive pressures inside and out

IBM's mainframe business continues to be under pressure from cloud-based competitors, and perhaps even its own Power server. ...

Linux features beyond server management

Due to its open source nature, Linux is constantly gaining new capabilities. Here's a look at some common use cases and features.

SearchITChannel

Microsoft Inspire: Nadella talks development, AI applications

Will the Microsoft partner's future be in software development and AI applications? Company CEO Satya Nadella suggested that may ...

Microsoft is a step closer to virtual desktop release

As a potential release date for Windows Virtual Desktop looms, Microsoft is making sure its most popular applications are ...

Amazon's Werner Vogels talks innovation speed, automation

Amazon CTO Werner Vogels talks about the company's Outposts hybrid cloud hardware, how AWS approaches innovation and future plans...

Dig Deeper on Network Security Best Practices and Products

Related Q&A from Michael Gregg

Have a question for an expert?

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.