Perhaps the best way to visualize Defense in Depth as it relates to Information Security is to view the recent blockbuster movie "The Two Towers". When the antagonists approached the perimeter defenses at Helm's Deep, they were first greeted by a volley of arrows. As they came closer, rocks and boiling oil were thrown on their heads. Then there was the actual wall to contend with. As they brought up siege ladders, they were thrust back with long poles. As they jumped onto the tower ramparts, they were engaged hand to hand. But despite the defenses, and because of the perceived value attached to defeating Rohan, evil nearly prevailed.

Lately, when one considers network and especially Internet security, one might wonder whether good will prevail in the real world. But while the unvigilant were hammered by SoBig.F and Blaster, we can rest assured that, though Internet functionality might be compromised and we may not be able to see our bank accounts online, the data itself remains secure thanks to internal network defense in depth.

While the bulk of the layers of network security sit inside the firewall, it is important to realize that almost all data is on a network to which virtually every other computer in the world has potential access.

At the coarsest level, routers and other network devices can achieve some degree of protection by filtering IP addresses. Routers function at the Network layer of the TCP/IP protocol stack and can thus see the IP addressing information. A router provides this filtering through ACLs, or access control lists. An ACL can block certain IP addresses or certain ports and thus control traffic flow.
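The filtering described above can be sketched as a small ACL evaluator. This is an added example, not code from the original article: the rule syntax is a constructed simplification rather than any vendor's ACL language, the addresses are documentation ranges, and it assumes the first-match, deny-by-default evaluation that router ACLs commonly use.

```python
import ipaddress
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    action: str                      # "permit" or "deny"
    src: ipaddress.IPv4Network       # source prefix to match
    dst: ipaddress.IPv4Network       # destination prefix to match
    dport: Optional[int]             # destination port, None = any port

def parse_rule(line: str) -> Rule:
    """Parse '<action> <src-cidr> <dst-cidr> <port|any>' (constructed syntax)."""
    action, src, dst, port = line.split()
    if action not in ("permit", "deny"):
        raise ValueError(f"unknown action: {action}")
    return Rule(action, ipaddress.ip_network(src), ipaddress.ip_network(dst),
                None if port == "any" else int(port))

def evaluate(acl, src, dst, dport):
    """Return (action, rule index); the index is None for the implicit deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for i, r in enumerate(acl):
        if s in r.src and d in r.dst and r.dport in (None, dport):
            return r.action, i       # first match wins; later rules are ignored
    return "deny", None              # nothing matched: drop by default

# Constructed sample policy using documentation address ranges (RFC 5737).
ACL = [parse_rule(l) for l in (
    "deny   203.0.113.0/24  0.0.0.0/0     any",  # block an unwanted source range
    "permit 0.0.0.0/0       192.0.2.10/32 443",  # HTTPS to the web server
    "permit 198.51.100.0/24 192.0.2.0/24  22",   # SSH only from the admin network
)]

if __name__ == "__main__":
    for pkt in (("203.0.113.7", "192.0.2.10", 443),
                ("198.51.100.5", "192.0.2.10", 443),
                ("198.51.100.5", "192.0.2.20", 22),
                ("192.0.2.99", "192.0.2.20", 22)):
        print(pkt, "->", evaluate(ACL, *pkt))
```

Rule order is part of the policy: with the same three rules reversed, the blocked source range reaches the web server because the broad permit matches before the deny is ever consulted.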

The link for this article located at ebcvg.com is no longer available.