Apply Defense-in-Depth to Increase Security
Defense-in-depth provides multiple layers of defense to protect a network environment.
Policies, Procedures, and Awareness - Security documentation and user education
Physical Security - Guards and/or locks
Perimeter - Firewalls
Internal Network - Network segments (subnets), IPSec
Host - OS hardening (latest patches and updates), authentication
Application - Application hardening and testing, antivirus patches
Data - ACLs (Access Control Lists/permissions), encryption, EFS (Encrypting File System)