ARE SELF-DEFENDING NETWORKS
DEFENSIBLE AND/OR DESIRABLE?
Trying to keep all your security products,
as well as other business applications and
operating systems, up to date? Oftentimes,
these efforts result in complex and costly
solutions. Is there a better way with a
so-called self-defending network?
Most large enterprises have assembled an
arsenal of security point products, including
firewalls, VPN tunnel termination devices,
virus scanning, intrusion detection/prevention/incident
response, and WLAN rogue access point detection
systems. Some have procedures for keeping
all these systems (plus their other business
applications and operating systems) up-to-date,
and a few have integrated their business
application and OS directories with secure
authorization, authentication and admission
control systems. These are complex and costly
solutions, hence the conceptual appeal of
the so-called self-defending network, where
the network presumably takes on more of
the security role.
This Cross-Cutting Concern will
address:
- Whether it makes sense
for enterprises to rely on perimeter security
- How important it is to
establish multiple security zones or perimeters,
such as those created using firewalls,
router access control lists and/or virtual
LANs
- Whether various encrypted
tunnel security mechanisms can be used to
deploy an “overlay” security
model that spans internal and external
public networks, leading to “de-perimeterization”
of the enterprise’s IT infrastructure
- The latest tools, techniques,
standards and types of products employed
by enterprises for network and perimeter
security