JIE-READY STEP 2: Defense in depth

/by

Defense in depth is a term and idea that is not new to the information technology world. A classic implementation at the network level of defense in depth is segmentation, or building enclaves. In certain cases, segmentation was taken to an extreme level, resulting in massive decentralization of computing environments. Unfortunately this decentralization does not remove the need for these segments or enclaves to communicate with other information assets. Thus the segments or enclaves are connected to the network from which they may have originally been divested. This does not mean that security controls restricting or monitoring access to these enclaves was removed. What it does mean is that there is a very high likelihood of major redundancy implemented while attempting to secure or control these segments.

jiestep2The RedSeal model can be leveraged to not only identify these redundancies visually, but to also identify the efficacy of these controls by measuring access across and through the entire network. Investigating one segment of the network and the control mechanisms related to the segment is not sufficient. The network must be measured as a whole operating entity or system to effectively identify all possible access and points of control. Through these means, RedSeal will be providing another unique benefit to JRSS and enhancing the preparedness for JIE.

Understanding the current behavior of segmentation and the effectiveness of controlling access to these segments or enclaves will assist with reducing redundancy in the current operational system while increasing efficacy. There may be too many rules in a firewall creating overly-restrictive access and operational bog to the system. There may be too many routers providing similar or identical access to systems, between systems, or across network boundaries. Perhaps there are too many layers of load balancing performing additional address translations and VIP presentations that are not only difficult to manage but not really providing any more security. RedSeal will identify and measure all the avenues of access and represent it visually and via a myriad of reporting techniques in technical depth.

Our next blog will discuss Step 3 – Visualization before Migration.