Whitepaper 02-03: Network Perimeter Security
Most small companies struggle with network security, but that does not relieve these companies of the requirements for ensuring the confidentiality, integrity, and availability of their network and network resources. This whitepaper helps small organizations address their network requirements, especially at the physical layout to include at least the following â€œsecurity zones:â€
- public â€“ the organizationâ€™s â€œfaceâ€ to the world (reception via secure entry)
- protected â€“ the organizationâ€™s proprietary information (locked access requiring entry codes or a key â€“Â think a corporate safe)
- internal â€“ employee workspaces (bullpen â€“ normally an open or thinly partitioned area)
- guest â€“ provides an area for visitors to be entertained (think the â€œniceâ€ executive conference room)
Not coincidentally, many logical corporate networks are built to reflect and support that rather simplisticÂ model. Adding to this simple network design is the fact that in most cases an organization will standardize onÂ some single operating system (in this paper weâ€™ll assume the ubiquitous Windows environment, but of course itÂ could be anything). Given these typical constraints and notional logical network setup, we look at someÂ common effects on the organizationâ€™s network security perimeter.