Defense In Depth
As of late when one considers network and especially Internet security one might wonder if good will prevail in the real world. But while the unvigilant got hammered by SoBig.F and Blaster, we can rest assured that though internet functionality might be compromised, and we may not be able to see our bank account online, the data itself remains secure due to internal network defense in depth.
While the bulk of the layers of network security occur inside the firewall, it is important to realize that most all data is on a network where virtually every other computer in the world has potential access.
At the most course level, routers and network devices can achieve some degree of protection by filtering IP address. Routers function at the Network layer in the TCP/IP protocol stack and can thus see the IP addressing information. The router achieves this functionality through the use of ACL or access control lists. This can block certain IP addresses or certain ports and thus control traffic flow.
The link for this article located at ebcvg.com is no longer available.