A New Look at Layers
While emerging classes of tools may fend off attacks at multiple layers of a security strategy, there are pitfalls if the tools are not properly configured, managed or integrated with existing systems.
Layer 1: Perimeter Security
Layer 2: Host Security
Layer 3: Identity and Access Management
Layer 4: Network Access Control
Layer 5: Vulnerability Management
Layer Integration: Pulling It All Together
QUESTION: What do you think is the biggest pitfall to implementing a layered defense? Write a letter to the editor at [email protected]
Security is a many-layered thing for most I.T. managers. Attacks may target network, server or application vulnerabilities. Blended threats combine multiple attack vectors Trojan horses, worms and viruses, for example in an attempt to outflank an organizations defenses.
In response, enterprises erect a series of barriers on the principle that an attack that beats one security measure wont get past other protections. This approach goes by several names: layered security, defense-in-depth and, on the folksy side, belt and suspenders. But the underlying premise is the same.
Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.