New Security Survival Guide: How to Layer a Solid Defense

By John Moore  |  Posted 2007-05-17 Print this article Print

As attacks on enterprise systems grow more sophisticated and diverse, companies need to rethink their defense strategies. In this special report, experts offer better ways to protect vital information resources. (

A New Look at Layers
While emerging classes of tools may fend off attacks at multiple layers of a security strategy, there are pitfalls if the tools are not properly configured, managed or integrated with existing systems.

Layer 1: Perimeter Security
Layer 2: Host Security
Layer 3: Identity and Access Management
Layer 4: Network Access Control
Layer 5: Vulnerability Management
Layer Integration: Pulling It All Together
QUESTION: What do you think is the biggest pitfall to implementing a layered defense? Write a letter to the editor at

Security is a many-layered thing for most I.T. managers. Attacks may target network, server or application vulnerabilities. Blended threats combine multiple attack vectors Trojan horses, worms and viruses, for example in an attempt to outflank an organizations defenses.
In response, enterprises erect a series of barriers on the principle that an attack that beats one security measure wont get past other protections. This approach goes by several names: layered security, defense-in-depth and, on the folksy side, belt and suspenders. But the underlying premise is the same. Read the full story on New Security Survival Guide: How to Layer a Solid Defense Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.
John writes the Contract Watch column and his own column for the Channel Insider.

John has covered the information-technology industry for 15 years, focusing on government issues, systems integrators, resellers and channel activities. Prior to working with Channel Insider, he was an editor at Smart Partner, and a department editor at Federal Computer Week, a newspaper covering federal information technology. At Federal Computer Week, John covered federal contractors and compiled the publication's annual ranking of the market's top 25 integrators. John also was a senior editor in the Washington, D.C., bureau of Computer Systems News.


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel