A rarely discussed concept that looms in the background of many common security approaches is defense in depth. It is a concept that merits attention, since it pops up in so many different areas. Perhaps it isn't discussed much because it is so intuitive: It is, simply, the assumption that deploying a number of different tactics is more likely to thwart hackers and attackers than relying on a single approach.
One example is described at Reflection on Software Architecture. The writer describes several defensive layers, including a perimeter firewall, a firewall at the computer, hard drive encryption -- in this example, provided through BitLocker in Vista -- information rights management technology, network isolation software, a virtual private networks (VPNs), and an application gateway.
The National Institution of Standards and Technology (NIST) recently released information on how to protect servers. This note on the research at physorg.com says defense in depth is a valuable tool in this effort. An example offered in the story is guarding points of access to the server and the machines into which the server software is deployed.
Still another area in which the concept finds application is in the wide-area network (WAN). Converge! Network Digest details how defense in depth can be used by planners and engineers to set up security for IP-based communications on these WANs. The writer, an engineer with Sonus Networks, clearly sees defense in depth as a vital way to keep communications secure, especially as it traverses WANs that are not under control of a single corporate entity. The author's definition of dense in depth -- and his view of how it can be beneficial -- is interesting:
Defense-in-depth is the use of multiple, diverse security tools deployed from the perimeter throughout the core network. The result is a "mesh" of multiple layers of protection for mitigating internal and external intrusions. In deploying such a layered security architecture, providers will ensure continued carrier-class reliability and integrity from the pre-IMS environment with the new functionality for NGN style scalability and feature richness.
The concept of defense in depth also is used by developers. This nicely titled blog, Daily Dribblings of a Demented Developer, describes how the concept of defense in depth applies to writing code. The writer says that the three pillars are to "constrain, reject and sanitize." What is more interesting than the definitions of the terms -- which will be of more value to folks who write code -- is the realization that the same concept can be applied across so many divergent areas.
This is the first of a two-part blog post at News By Tom Brownsword on defense in depth. The writer describes the basic idea and discusses hardware (fast and recommended) and software (slow) firewall options. He also makes an interesting point about defense in depth: Most people think it is a way to create more than one chance to stop a threat. A second and less obvious rationale is that not every security measure is designed to stop every threat. Thus, even in a defense in depth environment, some threats are only confronted once.