Network Firewalls: Perimeter Defense

By Edward Tetz

Perimeter defense is one level of defending your network from attacks, and a firewall at the perimeter works wonderfully to protect against external attacks. Perimeter defense is just one part of the protection suite. Defense in depth means that several layers of security protect your network and its data, like Russian nesting dolls.

The job of perimeter defense basically falls to your firewall devices. Short of unplugging your network from the rest of the world, this perimeter defense seems to be a necessary evil. In some cases, people have gone with the unplugged solution. It does not, however, work for most businesses.

So, as a necessary evil, you need to deal with a perimeter that you will attempt to defend. Limiting the number of connections from other networks, such as the Internet, to your network helps a lot because you have fewer connections for which you need to manage protection.

Ideally, from a security perspective, you have only one connection to the Internet. Sometimes, however, operational requirements within a company mean that some groups within the organization require additional connections.