Layers of Network Defense
There are multiple layers of defense that companies can implement to protect their server infrastructure and mission-critical applications from malware, hacktivists, and more. The great benefit of reviewing the network design for your mission-critical infrastructure in this way is that it not only forces you to address each layer, it also provides you with a hot sheet of where to investigate if a breach does occur. We will start in the physical world and end at the application actually being used by your employees and clients.
The physical world is where all of the physical cabling and physical equipment exists in your infrastructure. The best way to protect equipment in this part of the world is through traditional security precautions you might use for any valuable items. This can include 24x7 security, surveillance equipment, and key card and biometric authorization to access the space where this equipment is. These tools are in place in the Vault Networks data center for all of our product offerings.
The next layer is the networks over which all of these things communicate: public networks for clients, such as the infrastructure they use to access the website, as well as internal networks for departments to share documents and communications. This split is also how you would defend this particular layer. Having everything in one network would be a problem, as it is highly unlikely you want clients viewing the contracts of other clients, or your employees' HR records, for that matter. Because of this, it is pivotal to split up the networks into private and public areas so that the appropriate parties can access the appropriate material. VLANs are available for all Vault Networks products to enable you to create this security level. This can also be managed with firewall access rules such as those provided with our vnCloud service, or by modifying the rules in a pre-existing firewall. Just note that the firewall needs to be in the physical world defending the infrastructure as well: if you have a firewall on a network unrelated to your server, then it isn't defending it!
From this point on, things will be exclusively in the virtual world, starting with the operating system. As any IT expert will tell you, it is always incredibly important to apply security patches and updates when they become available from your vendors. This applies to Linux distros such as Ubuntu or CentOS as well as Microsoft Windows products. Typically new updates arrive on Tuesdays, so always be sure to keep an eye on these updates as they come.
The 5th layer is the most difficult element of all to manage: the user. While most users are well-meaning, without proper training an employee using your infrastructure can be the most destructive element in the picture, as they can ignore security warnings and allow malware into the system from sheer ignorance (or they can do so through ill intent if the employee has a grudge). The tools available at this level are training to educate the user, and rules regarding the use of the infrastructure to ensure that no foul play occurs (or, if it does, that the appropriate management can occur, which will vary from company to company).
The final level is the actual application that is utilized. After all, if IT isn't managing the applications being utilized in the organization, how can you track if a bad application is what caused the problem? Appropriate tracking of any tools that are plugged into the system after initial installation is key to having a complete list of leads to look into after a breach. If IT didn't know that users were just transferring files on Dropbox, despite company rules, then finding the source of a breach can be difficult, if not impossible.