Define and defend perimeter and internal segments of your network
With the proliferation of wireless access points (WAPs), virtual private networks (VPNs), and extranets, it has become increasingly difficult to determine where your network begins and ends. Yet without knowing how your network is laid out, or understanding which segments touch the Internet directly, it will be nearly impossible to begin locking down your network devices.
In this sample chapter from Security Sage's Guide to Hardening the Network Infrastructure, learn how to find your external IP address presence and get a handle on understanding the differences between your core network segments and those that lie on your perimeter. First, master basic concepts that you can use to diagram and understand network topology. Next, learn how to track down domains and rogue networks that your IT department may not be aware of. Finally, examine the notion of assigning a criticality value to each of your internal and external network segments to help you decide how to react when a serious security vulnerability emerges and you are forced to react to protect your company's networks.
Title: Security Sage's Guide to Hardening the Network Infrastructure
Published: March 2004
Authors: Steven Andres, Brian Kenyon, Erik Pace Birkholz (Editor)
Chapter: Chapter 1: Defining Perimeter and Internal Segments
Published by Syngress Publishing