Active Defense

The U.S. Department of Defense has increasingly required its networks to use an active defense paradigm, as shown in its 2011 strategy document. The basic design requirement is that a network must adapt to attacks. If an attacker is using a specific attack, the network should respond by blocking that attack. If a system is compromised, the network must detect it, remove the system from its trusted network zone, notify administrators that the system needs investigating, and then allow normal operations for the systems that were not part of the incident.
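The response loop just described (block the specific attack, quarantine the compromised host, notify administrators, keep the rest of the network running) sketched as a small added example; this is not code from the book or from any DoD system. The key=value alert format, the zone names and the block-rule shape are assumptions, and the alert lines are constructed sample data.

```python
"""Added example: a minimal active-defense response loop.
Alert lines are constructed; the alert format, zone names and
block-rule representation are assumptions, not a real product's API."""
from dataclasses import dataclass, field

# Constructed sample detections in an assumed key=value line format.
SAMPLE_ALERTS = """\
ts=2024-01-01T10:00:00Z kind=signature host=10.0.1.20 sig=SQLI-UNION-001 src=203.0.113.7
ts=2024-01-01T10:00:05Z kind=signature host=10.0.1.20 sig=SQLI-UNION-001 src=203.0.113.7
ts=2024-01-01T10:02:00Z kind=compromise host=10.0.1.31 detail=beacon-to-known-c2
"""


@dataclass
class NetworkState:
    zones: dict                                      # host -> zone name ("trusted" / "quarantine")
    block_rules: set = field(default_factory=set)    # (source, signature) pairs to block at the edge
    notifications: list = field(default_factory=list)  # messages for the administrators


def parse_alert(line):
    """Parse one key=value alert line into a dict."""
    return dict(tok.split("=", 1) for tok in line.split())


def respond(state, alerts_text):
    """Apply the paradigm's actions to each alert.

    - A detected attack signature is blocked for that source; the targeted
      host stays in its zone because it was not shown to be compromised.
    - A compromised host is moved out of the trusted zone and an
      investigation notice is queued; repeated alerts do not re-notify.
    """
    for line in alerts_text.splitlines():
        if not line.strip():
            continue
        alert = parse_alert(line)
        if alert["kind"] == "signature":
            state.block_rules.add((alert["src"], alert["sig"]))
        elif alert["kind"] == "compromise":
            host = alert["host"]
            if state.zones.get(host) != "quarantine":
                state.zones[host] = "quarantine"
                state.notifications.append(
                    f"{host}: {alert['detail']} - removed from trusted zone, needs investigation"
                )
    return state


def operational_hosts(state):
    """Hosts that continue normal operation (still in the trusted zone)."""
    return sorted(h for h, z in state.zones.items() if z == "trusted")


def run_demo():
    """Run the loop over the constructed alerts and return the resulting state."""
    state = NetworkState(
        zones={"10.0.1.20": "trusted", "10.0.1.31": "trusted", "10.0.1.45": "trusted"}
    )
    return respond(state, SAMPLE_ALERTS)


if __name__ == "__main__":
    final = run_demo()
    print("zones:", final.zones)
    print("block rules:", final.block_rules)
    print("operational:", operational_hosts(final))
    for note in final.notifications:
        print("notify:", note)
```

The point of separating the two alert kinds is the one the paragraph makes: seeing an attack against a host is not the same as that host being compromised, so only the latter changes the host's zone, while the former produces a narrow block rule that does not disturb the rest of the network.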

Active defenses require a carefully constructed network and pose many challenges for defenders. The more active defense capabilities a network has, the more likely it is that ...

Get Cyberwarfare: Information Operations in a Connected World, 2nd Edition now with the O’Reilly learning platform.
