Authentication represents one of the basic foundations of defense in depth and should be deployed in every network infrastructure. You should follow a few basic best practices to keep your network secure, including the following:
In addition to device management authentication, you can deploy authentication for the following web services:
Authenticating services enables you to grant only certain users access to the services listed here. You can also use outbound authentication for the same services. Besides merely blocking access to certain websites or classes of websites, URL blocking can prove effective to stop malware from installing itself on the PCs behind your security appliance. It can mitigate the following web- and browser-based problems:
You have now deployed authentication, the first layer of defense in-depth. Chapter 8, "Deploying Perimeter Protection," covers locking down the perimeter of your network, adding protection assistance against denial-of-service attacks, and filtering your traffic. The remaining steps to fully deploy defense in depth in your network are covered in the following chapters:
|