The application layer, Layer 7, is where firewalls and Intrusion Prevention System (IPS) devices perform protocol anomaly protection. This prevents zero-day attacks, controls the use of common protocols when connecting to application servers, and combines signatures to decode traffic so that false positives are minimised.

Once an organisation has control and visibility over its traditional network components, provisioning access to resources with a new 'identity layer' can be approached with more assurance that the right level of access and control can be delivered. Contractors and part-time workers can be given access to limited parts of the network, and guest users may simply be given access to the internet so they are able to connect to their own organisation.
Once this level of control is asserted over the infrastructure, the network can be monitored to identify rogue servers and users, and performance problems can be solved without the usual reactive approach.
Further to this, the applications and patch levels throughout the environment can be profiled, and resources mapped to location and hosts consistently across the data centre. Application Volume Tracking (AVT) can also be used for resource planning and optimisation, and flow collection for analysis.
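As an added illustration (not from the original article), the sketch below shows one way collected flow records can be compared with a server inventory to surface rogue servers. The record layout, address ranges, inventory and client threshold are all assumptions made for the example.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Assumptions (not from the article): internal address space, the inventory of
# authorised servers, and the minimum number of distinct clients.
INTERNAL = ip_network("10.0.0.0/8")
AUTHORISED = {("10.1.0.10", 443), ("10.1.0.20", 25)}
MIN_CLIENTS = 2

# Constructed flow records: (source IP, destination IP, destination port, protocol)
FLOWS = [
    ("10.2.0.5", "10.1.0.10", 443, "tcp"),
    ("10.2.0.6", "10.1.0.10", 443, "tcp"),
    ("10.2.0.5", "10.3.0.77", 8080, "tcp"),    # service missing from inventory
    ("10.2.0.6", "10.3.0.77", 8080, "tcp"),
    ("10.2.0.9", "10.3.0.77", 8080, "tcp"),
    ("10.2.0.5", "10.2.0.6", 51514, "tcp"),    # single client: below threshold
    ("10.2.0.7", "198.51.100.4", 443, "tcp"),  # external destination: out of scope
    ("10.2.0.5", "10.1.0.20", 25, "tcp"),
    ("10.2.0.8", "not-an-ip", 80, "tcp"),      # malformed record: skipped
]

def find_rogue_servers(flows, authorised=AUTHORISED, min_clients=MIN_CLIENTS):
    """Return {(server_ip, port): sorted client list} for internal services
    that are absent from the inventory and serve >= min_clients clients."""
    clients = defaultdict(set)
    for src, dst, port, _proto in flows:
        try:
            if ip_address(dst) not in INTERNAL:
                continue
        except ValueError:
            continue  # ignore records with an unparseable destination
        clients[(dst, port)].add(src)
    return {
        svc: sorted(srcs)
        for svc, srcs in clients.items()
        if svc not in authorised and len(srcs) >= min_clients
    }

if __name__ == "__main__":
    for (ip, port), srcs in find_rogue_servers(FLOWS).items():
        print(f"unlisted service {ip}:{port} used by {len(srcs)} clients: {srcs}")
```

Requiring several distinct clients keeps one-off peer connections out of the report; lowering the threshold widens coverage at the cost of more noise.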
Finally, once all the controls and services are deployed, an accurate report on network activity and usage can be provided. Reports of overall threat levels, external attacks, trends, compliance status and application usage can all be produced simply and quickly if the foundation of the network is laid out and managed correctly.
Many of the security controls outlined here - which offer enormous benefits to an organisation - are already available within the standard routing, switching and firewall infrastructure, but most of the time no co-ordinated effort is made to integrate and manage them tightly. With the right planning and process, a fully managed, secured and carefully monitored network can be achieved.
Richard Savage is Principal Consultant at Netsolutions.