Layering Security

When looking at security architecture, it is important to recognize that no single device is without flaws. Every significant application, server, router, and firewall on the market harbors some vulnerabilities. Additionally, all devices have a good chance of being misconfigured, unmonitored, and improperly maintained. On their own, each object will eventually become the weak link that allows a hacker into the network. This understanding is what leads to the expression: “Nothing can be 100% secure.”

If nothing can be 100% secure, then it would certainly not be wise to trust any one device with all security. The firewall, for example, should not be the only thing guarding a perimeter network. Always consider the fact that a security ...

Get Inside the Security Mind: Making the Tough Decisions now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.