Where Does Your Network Security Begin?

By Charles

May 25, 2016

Network Security and Network Perimeters

Decades ago, the perimeter was very easily defined when we talked about network security.

The perimeter of a business used to be the front door or the edge of the carpark.

Network perimeters, however, have been growing since the creation and expansion of the internet.

At the start, networks had a mainframe and terminals, which were most likely on-site.

This then became desktops and servers, and we are now in the cloud wave of computing.

Your perimeter has been slowly expanding along with it. To start with, everything was in the building; then, a few devices were outside.

Now smartphones and tablets have enabled your entire system to be outside your building and inside someone else’s.

Device Endpoints and Compromised Network Security

When salespeople come to your office for a demo, they ask, ‘Can I use your WiFi?’ Hopefully, you have a guest network with separate broadband lines to create a physical perimeter between your business systems and visiting devices.

If not, at least have a separate VLAN for guests to provide some separation. The point is that IT has become so blurred it is hard to figure out where the network perimeter is.

Some of your systems will live inside someone else’s business, and other business devices will end up being used inside what used to be your perimeter (your building).

Every device you use is what we call an endpoint.

Each endpoint is a potential entry into your systems and your business. Each endpoint needs to be secured from internal and external threats, but those devices may not be on your site and may not even be in the same country.

When you think about network security, you need to assume any foreign environment is hostile and be vigilant regarding trusted devices.

Any devices on your network, like laptops and servers, will be trusted by the domain, but a virus or some malware could infect them. Hence, all endpoints must be considered potential threats, even if they are internal.

Knowing where your perimeter and the endpoints are is the first step to designing a network security strategy.


About the author

Microsoft Certified SQL Server DBA with over a decade's experience, including work for large FTSE 250 companies amongst others. The SQL Server stack has been the focus of almost all of my career in IT. I have experience designing, supporting and troubleshooting large Data Platform deployments.
