Sun Tzu's 13 lessons to combat hackers

Staff Writer
Page 10 of 14  |  Single page

Defence in depth, diversity of defence

Sun Tzu's 13 lessons to combat hackers

"The clever combatant looks to the effect of combined energy and does nort require too much from individuals..."

... or systems. Requiring too much from systems introduces significant risk.

This introduces the concept of dedicated functionality, a strategy where security devices serve a sole purpose.

For example, routers route traffic, and although you can add access control lists (to block RFC 1918 addresses), that does not make them firewalls. 

You need to use real firewalls, access control devices that enforce policy through allow and block rules. 

Firewalls also provide network address translation and maintain state-on connections, something traditional routers can't do, which provides for the analysis of packets at the network, transport and session layers for deeper protocol understanding. 

Keeping track of these layers creates virtual sessions of connectionless protocols used by UDP and RPC applications.

Regarding "combined energy", convergence of security functions into unified threat management devices has gained momentum, especially for small and branch offices.  These devices consolidate security functions (firewall, intrusion prevention, anti-virus capability, and Internet content, among others) in a box managed through an interface.

Other security strategies, defence in depth and diversity of defence, are important.  Defence in depth creates concentric layers that an attacker must penetrate while we watch their activities (like a honeypot). Diversity of defence provides prevention and detection controls that work independently.

Aircraft carriers rely on concentric circles of defence to ward of attackers, a wise move for information security strategies.

   Aircraft carriers rely on concentric circles of defence and variety of weapons
   to ward of attackers, a wise move for information security strategies.

 

Previous PageNext Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 Single page
Got a news tip for our journalists? Share it with us anonymously here.
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Log In

  |  Forgot your password?