PERIMETER SECURITY PROTECTING THE BOUNDARIES OF YOUR INFORMATION SECURITY SYSTEM

EQUIPMENT REDUNDANCY  THIS IS THE USE OF MULTIPLE COPIES OF IT INFRASTRUCTURE  THE IT RESOURCES IN USE SHOULD BE LOCATED AT DIFFERENT PLACES  ALLOWS FOR DISASTER RECOVERY IN CASE THERE IS EQUIPMENT FAILURE/DAMAGE  ENSURES MAXIMUM UPTIME

ACCESS CONTROL LIST FILTERS  CONFIGURED AT A NUMBER OF DIFFERENT LOCATIONS  MAINLY USED ON FIREWALLS  SUPPORTED BY SOME ROUTERS AND SWITCHES  DEFINE THE NETWORK RESOURCES THAT ARE ACCESSIBLE TO A USER  PRINCIPLE OF LEAST PRIVILEGE SHOULD BE EMPLOYED

BORDER ROUTERS  THESE ARE ROUTERS LOCATED AT THE LOGICAL EDGES IN THE NETWORK DESIGN LAYOUT  THEY ACT AS THE INTERFACE OF THE NETWORK TO THE OUTSIDE WORLD  EXPOSED TO A LOT OF RISK, MUST BE PROTECTED

PROXY FILTERS  THESE ARE SERVERS THROUGH WHICH LAN USERS ACCESS THE INTERNET  CAN BE CONFIGURED WITH ACCESS LISTS  RESTRICT UNAUTHORIZED USERS FROM ACCESSING THE WEBSITE  ONLY THE PROXY SERVER IS DIRECTLY EXPOSED TO THE INTERNET, MINIMIZING THE AREA OF EXPOSURE

DEMILITARIZED ZONES  THESE ARE SECURE ZONES ESTABLISHED WITHIN A BIGGER NETWORK  ESTABLISHED BETWEEN THE INTERNET AND THE OUTWARD-FACING DEVICES E.G. SERVERS  ADDS AN ADDITIONAL LAYER OF SECURITY TO THE SYSTEM  REDUCES AREA OF EXPOSURE

REFERENCES Northcutt, S., Zeltser, L., Winters, S., Kent, K., & Ritchey, R. W. (2005). Inside Network Perimeter Security (Inside). Sams.