Today’s networks balance opening up with locking down. The model perimeter, with a single access gateway protected with a firewall, is quickly disappearing. All end-points should now run their own firewalls. All hosts (particularly high valued servers) should now be bastion hosts. Access across the network should be locked down by default, and then opened up only for particular services.
I think we see this change reflected in several trends. The ongoing focus on detection controls over defensive controls is because modern networks have a significantly broader attack surface. Last year’s focus on end-point security was about making computers bastion hosts. Risk management and governance is a hot topic now and it seeks to understand and protect business networks in their entirety, end-to-end.
I can only use my own firm as an example. We have some 17 dedicated connections coming in from partners and exchanges. We have five inter-office connections. We have 6 perimeter firewalls, or 7 if you include the Microsoft ISA server. All servers are running a host firewall and are locked down. All this so we can gain access to the resources of partners and vendors, and to provide resources to partners and clients. And this is in a relatively small company with less than 200 employees. Imagine the complexity of mid-sized and enterprise networks.
Open Up. Collaborate and succeed. Lock Down. Secure and protect.
J Wolfgang Goerlich
The eroding enterprise boundary: Lock Down and Open Up
http://www.theregister.co.uk/2009/03/12/eroding_enterprise_boundary/
IBM Security Technology Outlook: An outlook on emerging security technology trends.
ftp://ftp.software.ibm.com/software/tivoli/whitepapers/outlook_emerging_security_technology_trends.pdf