Sign up & Download
Sign in
INTRUSION DETECTION ()

Abstract

A properly configured firewall appliance is considered a first line of network defense, and controls the flow of information to your servers. Unfortunately, if the server receives information from the network, it runs a risk of compromise from the unlikely event that the firewall fails. A more likely type of failure is that the firewall does its job passing traffic but that the server itself is vulnerable to an unusual request. Other elements of that first line of defense would include Access Control Lists (ACLs) on perimeter routers, perhaps Web caching, or load-balancing appli- ances. It would include operating system (OS) hardening and application config- uration controls on the server, as well as ensuring that the vendor software is current according to vendor recommendations.All these things contribute to the security of the service. But because we can never be completely sure that best practices have been followed, a second line of defense is a good plan. This is known as "defense in depth."We put everything we can into the front lines, but in case that fails, we have a backup plan. A detective control is an excellent ele- ment of that second line of defense.

Author-supplied keywords

Cite this document (BETA)

Readership Statistics

1 Reader on Mendeley
by Discipline
 
by Academic Status
 
100% Student (Master)
by Country
 
100% Colombia

Sign up today - FREE

Mendeley saves you time finding and organizing research. Learn more

  • All your research in one place
  • Add and import papers easily
  • Access it anywhere, anytime

Start using Mendeley in seconds!

Already have an account? Sign in