

Understanding layered security and defense in depth

Understanding these strategies and how they can be used to improve your own security is important for any system or network administrator. What are "layered security" and "defense in depth" and how can they be employed to better protect your IT resources?

Sometimes it seems like everybody talks about “layered security”, “layered defense”, or “defense in depth”, but nobody really knows what it means. The three phrases are often used interchangeably - but just as often, someone will use two of them to mean completely different things. There are actually two separate, but in some respects very similar, concepts that may be named by these phrases.

Layered Security

A layered approach to security can be implemented at any level of a complete information security strategy. Whether you are the administrator of only a single computer, accessing the Internet from home or a coffee shop, or the go-to guy for a thirty thousand user enterprise WAN, a layered approach to security tools deployment can help improve your security profile.

In short, the idea is an obvious one: that any single defense may be flawed, and the most certain way to find the flaws is to be compromised by an attack - so a series of different defenses should each be used to cover the gaps in the others’ protective capabilities. Firewalls, intrusion detection systems, malware scanners, integrity auditing procedures, and local storage encryption tools can each serve to protect your information technology resources in ways the others cannot.

Security vendors offer what some call vertically integrated vendor stack solutions for layered security. A common example for home users is the Norton Internet Security suite, which provides (among other capabilities):

Corporate vendors of security software are in an interesting position. In order to best serve their business goals, they must on one hand try to sell integrated, comprehensive solutions to lock customers into single-vendor relationships, and on the other, try to sell components of a comprehensive layered security strategy individually to those who are unlikely to buy their own integrated solution - and convince such customers that a best-of-breed approach is better than a vertically integrated stack approach to do it.
