Rather interesting blog over at Tao Security, where Richard Bejtlich has upgraded his four-year old his concept of of defensible network architecture with the Defensible Network Architecture 2.0. Doing the following steps is the best way, as he says it, to resist intrusion, as absolute and complete intrusion prevention is simply impossible.
The basic tenants of a defensible network is one that is monitored, controlled, minimized, and current. And perhaps the key to the approach is, as Mike Rothman says over at Security Incite, is that security is 'a state of mind.' Also, security is a continuous process that takes years to achieve, and is not a simply overnight fix.
Bejtlich lays out his approach in seven steps, in order of importance, and they are:
Monitored
Inventoried
Controlled
Claimed
Minimized
Assessed
Current
The read a break-down of each step, click right here.
Leave a comment