Before we start our discussion of the case studies, let's review what we have covered so far in the design section of this book. In Chapter 12, "Fundamentals of Secure Perimeter Design," we described the factors that must be considered when designing your network's perimeter. Put simply, this means you must incorporate the answers for each of the following three questions in every design you create:
Before embarking on the design of the perimeter, you must establish what it is you are protecting. At one level, this will be the servers, workstations, databases, and other network devices located on the network. At a deeper level, though, it is the information contained on the network along with the services the network must offer. To begin your design, you must determine what will compose your network. If you are starting from scratch, this is relatively easy, but when adding security to an existing network, the discovery process can be difficult. This is especially true when the network is large and not well documented.
Next, you need to determine what threats you should be concerned about. All networks attached to the Internet need to worry about external attack. Whether the attack is from a script kiddy or malicious code, you can be guaranteed that if you're hooked up to the Internet, you are under attack. Some organizations, though, need to consider more directed attacks. If your organization is famous in any way (or has a name that is close to someone who is) or has information that would be useful to an attacker (such as credit card data), you will almost certainly come under attack from determined outsiders. These attackers will spend significant time analyzing the security of your network. Protecting against these attackers requires significantly more effort than preventing access by amateurs. Even more difficult to protect against is the determined insider. Preventing individuals who have been already granted some access to your network from gaining more can be extremely difficult and requires you to consider considerably more internal security controls than you would need to defend against purely external attacks.
When designing the security perimeter, you must also determine what the business requirements for the network are. As we have emphasized throughout the book, network security is a means to an end, not an end to itself. It is important that the business reasons and business constraints are taken into account as you design your security architecture. To begin with, you need to know what services need to be provided to your users and customers. You also need to determine how reliable and accessible these services need to be. A network that provides a basic website describing a company's services might not need to be as reliable and fast as a network that hosts an e-commerce site that processes all the sales requests for a large company.
You must also consider the amount of resources in terms of money and time that should reasonably be spent to secure the network. We would like every network we build to have every security control we can think of, but we must always be cognizant that the purpose of the network is to support the business. A network design that is unaffordable but securely designed will never be implemented.
As we go through the case studies that follow, try to keep in mind these three basic design criteria. To focus your attention, ask yourself the following questions as you review each design: