padgett@tccslr.dnet.mmc.com wrote:
>So my feeling is that the nodes really do not need any security except as
>a second line of defense (I like defense in depth - preferably three levels
>deep) because the problem packets should never reach the nodes if I have
>done my job properly.
Mark respondeth:
>Wow! That's quite a statement. I think that our network perimeter provides
>us the lion's share of our security, but that doesn't mean that I don't make
>node based security a priority.
Do not disagree but with over a million square feet under roof at this site,
thousands of nodes, even multiple tenants/companies, I cannot touch every node
and some would take offense if I did. The simple fact is that with so many
even 1% vulnerable becomes a sizable number. Not to say that I do not provide
guidelines for those to follow, I do, but *cannot IMPO depend on them as the
primary line of defense*. Instead I have pulled it back to concentrate on
manageable perimeters - subnets, nets, and points at which communications
"cross the fence".
Closed areas control access *to the area* but rely on internal controls for
protection within that area, controls based on the need of that population.
My view of my job is to control the area access itself and to provide advice
to those inside.
If you consider my favorite example of a walled city, the responsibilities,
skills, and training of those charged with protection of the walls are
different from those whose duty is to keep peace on the streets. Further
one of the duties of those on the walls is to keep the brigands from
attacking in the first place. Among other things this is done by creating
a "killing ground" in front of the wall and providing instant response
to threats. Those on the inside (nodes) have the luxury of needing merely
to repulse the occasional threat *as they see it*.
Warmly,
Padgett