As an enterprise network security design, security before Consideration should stand on a higher level, examine what kind of security model should be adopted, which will affect the subsequent development of the security policy to a large extent, it is the entire enterprise network security infrastructure set a tone of network security policy can be described as large.
Combined with their own practical experience, there is a sense, the higher stand high degree of knowledge by the more systems. Benpian will occupy us some time, tell us about the overall network security model. Which can be taken in accordance with security methods (boundary, layered) different classification, the system can also be classified according to the initiative.
1, border security (Perimeter Security) Model
Border security model is the attention on the network boundaries, without regard to the internal security of the network model. Including firewall, application gateway, password policies, as well as a variety of network access authorization techniques it is based on the idea of border security. Border security methods to protect the security of network boundaries, but usually a lot of internal network systems are also vulnerable.
Therefore, this model is obviously not comprehensive, but why many companies use it? Small companies often due to budgetary constraints or a lack of experienced network administrators choose to use the model for border security, a firewall is usually to buy a bin. This is no sensitive information of small companies may also OK, but for large companies is not enough. Recent frequent occurrence of some well-known company's customer information stolen, and some even stolen two years did not find that it had to be said to be high enough security in the country.
2, Layered Security (Layered Security)
Layered security model not only takes into account the network border security, but also within the network of personal protective systems together. All devices in the network servers, workstations, routers, hubs, etc. have carried out protection. To accomplish this, the usual method is to network fragmentation protection, to each one as a separate network, so even if the border security measures have been compromised, the internal system is not completely affected. Whenever, layered security models are preferred.
3, active and passive safety model
Security model can also be measured by the initiative and responsiveness. Take a look at the security device and system which can take the initiative to adjust policy to prevent the attack, which occurred just after the attack to respond appropriately. Passive approach to security attacks before they occur almost no action, and the dynamic or active defense is before the attack began responded. A proactive defense case is IDS, it can be found attempting to bypass security measures of behavior and invasion has not been completed when the system administrator is notified. In addition, IDS can detect a variety of attack techniques used by the intruder, even in the time of the attack has not been able to implement notify the administrator.
4, hybrid security model
In practice, several safety is usually mixed model, rather than only one; the same type may be mixed between, can be layered passive, active or boundaries. The best model is the dynamic stratification.
What makes dynamic stratification?
IDS is adding a dynamic hierarchical yet? I'm afraid a little one-sided. I understand the dynamic hierarchical model applied to the actual work, in addition to the equipment of dynamic hierarchical, but there must be the concept of dynamic operation and maintenance of process safety and security. In this process, people, things, things form a complex system, and the various elements are dynamic, we as members of this complex system, only through the constant motion of the system to affect the presentation of the results. That is why Rambo always stressed that the concept of offensive and defensive combat, has stressed the importance of normal operation must be good. This complex security system is based on the normal operation of a regular, periodic updates, regular antivirus, regular audit logs, regular self-assessment, it's that simple. Again, normal operation is very important to the disease as a mountain down, treat illness, such as spinning, we all understand that their doctor is sick again, it is better to spend more fitness, but is doing well. Sometimes very strange, it is to do simple things well.
In addition, the normal operation well, still some accidents can not be avoided, as usual great attention to health, but still may one day suddenly got cancer. Sometimes the disease is very similar and safety, security can not be fully resolved, is a dynamic process of offensive and defensive combat. To continue to learn, to be prepared. This is in fact to the security company offers great opportunities, at this stage most of the security company also just sell drugs, how drugs patients how clear it? If the security company completed the transition to the hospital pharmaceutical companies, for patients is huge gospel, but for security companies enormous business opportunities Azerbaijan. Well, I say point the way, now, for security administrators, normal operation well, the rest is their more practicing. Chronic illness into health, experience more, naturally know how to do.