Summary

Previous page
Table of content
Next page


This brings us to the end of the chapter on separating resources. Our discussion focused on ways to isolate systems and processes based on their security requirements, while taking into account the budgetary and administrative overhead of segmenting resources in an overly granular manner. In the process, we discussed the advantages of limiting how resources interact with each other when crossing security zone boundaries. This approach to the design of the security perimeter allowed us to limit the scope of the influence an attacker would have if the network were compromised. We also examined some of the merits and disadvantages of employing VLANs to segregate systems. As you have seen, resource separation is an important technique for fortifying the layers of your defense-in-depth strategy. The extent of the appropriate isolation depends on your goals and capabilities, which are articulated when assessing your business needs and documented as part of your security policy.


    Previous page
    Table of content
    Next page
    Inside Network Perimeter Security
    Inside Network Perimeter Security (2nd Edition)
    ISBN: 0672327376
    EAN: 2147483647
    Year: 2005
    Pages: 230
    Authors: Stephen Northcutt, Lenny Zeltser, Scott Winters, Karen Kent, Ronald W. Ritchey
    BUY ON AMAZON
    Competency-Based Human Resource Management
    Twisted Network Programming Essentials
    Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance
    FileMaker 8 Functions and Scripts Desk Reference
    GDI+ Programming with C#
    Digital Character Animation 3 (No. 3)
    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net
    Privacy policy