Reviewing common network defenses
Traditional security defense strategies, which many companies continue to use, are based on three simple assumptions:
- A perimeter around the network can keep the bad guys out and the good guys in. Perimeter security defenses
typically include a firewall at the Internet edge and endpoint security software, such as an antivirus tool, on
- The network perimeter is static. Security appliances such as firewalls, intrusion detection/prevention systems,
and other malware detection systems are deployed at fixed locations along the network perimeter where traffic
is expected to travel. Traffic is monitored as it passes through these choke points.
- Employees are to be trusted, and everyone else is not to be trusted. This simple trust model extends to the
devices on the network. In this model, the devices are IT‐owned and managed, with the right build of software,
patches, and antivirus protection, so they can be trusted.
Information Technology, Infrastructure Security, Cloud & Virtual Architecture.
I am an Irvine, California native since 1978 and California State University Fullerton(CSUF) Computer Science Graduate. I have spent over 25+ years in Southern California and Studying Information Technology, DevOPS, Software Development, Network Architecture, Network and Cloud Security, AWS, Artificial Intelligence, Natural Language Processing and more.