Forum Sounds The Trumpets For Defense In Depth

Jericho Forum stresses limitations of border security.

Jordan Wiens, Contributor

March 6, 2008

2 Min Read
InformationWeek logo in a gray background | InformationWeek

The Jericho Forum has attracted its share of skepticism over the years, much of it directed at the extremist version of what the group espouses. Named for the biblical city of Jericho, which saw its walls tumble in the face of a, shall we say, divine battle plan, the Jericho Forum believes that network defenses shouldn't depend on a hard exterior. Instead, the forum espouses what many security practitioners have long advocated: defense in depth. InformationWeek Reports

Jericho doesn't dismiss all border protection--it admits that conventional security systems will continue to have roles--but it does stress their limitations. Its alternate philosophy of "deperimeterization" makes sense for a number of reasons.

First, as more applications move to the Web and new protocols are created on top of HTTP, traditional network inspection products are increasingly useless. Second, the shift from attacking servers to targeting clients that has gradually taken place over the past six years means that a DMZ server getting owned is less probable than an internal client becoming compromised. Today, an attack is all too likely to strike at the very core of your network. Finally, as more devices regularly leave and re-enter your borders, the simplest way though a boundary network firewall might be on the laptop of a salesman returning from a business trip.

Does a layered defense obviate the utility of border unified threat management? Not at all. Indeed, one disadvantage of defense-in-depth security is the amount of resources required to make it happen. Because UTM allows for a variety of protection measures with reduced implementation and administration complexity, it should be easier to implement those additional internal controls, resting assured that your walls will stand. See more.

Return to the story:
Trend Report: Unified Threat Management

Read more about:

20082008

About the Author

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights