Software-defined Protection - page 6

ENTERPRISE SECURITY BLUEPRINT
ENFORCEMENT LAYER 01
Motivation for Segmentation
First-generation network security focused on perimeter protection – “a sort of crunchy shell around a soft, chewy center,” as Bill Cheswick described the underlying concept in 1990. The model treated the internal network as “trusted” and the external Internet as “untrusted.” The role of a firewall was to permit outbound connections (from trusted to untrusted) and to prevent inbound connections. Later, next-generation firewalls extended this framework by adding an Intrusion Prevention System (IPS) and user and application awareness, providing more granular control of outbound and inbound network traffic.
Perimeter protection alone is no longer enough to protect the enterprise effectively. Today’s enterprise information systems are spread across multiple physical sites and network environments and provide services not only to internal users, but also to business partners, customers and the general public. Corporate assets rely on many types of computing resources, ranging from mainframe computers to employees’ mobile devices.
As the perimeter continues to blur and expand, many organizations find that the assumption of a trusted internal network is no longer a safe bet. Motivated attackers can use physical access, social engineering, compromises within the hardware and software supply chains or zero-day exploits to eventually breach corporate defensive mechanisms. Internal security controls are needed to provide visibility and protection over interactions within the enterprise network.
Compartmentalization is critical for the survival of an organization under attack. Just as an aircraft carrier uses sealed watertight compartments to contain damage and remain afloat when attacked, large organizations should identify the segments of their network that have different security characteristics and establish the security controls needed for threat containment and recovery.
Introducing enforcement points between users and critical enterprise assets not only allows for increased visibility when user workstations are compromised by external attackers – it also works to detect and prevent unauthorized access by internal users, thereby enforcing the enterprise security policy.
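The contrast drawn above, between a perimeter-only policy and one with enforcement points between segments, as an added example that is not part of the blueprint. The segments, address ranges and rules are constructed for illustration; the point is that the same east-west flow from a compromised workstation to a critical server is allowed and invisible under the first model, but denied and logged under the second.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed segments (hypothetical ranges, not from the blueprint). The second
# field is a trust rank used only by the perimeter model's inside/outside test.
SEGMENTS = {
    "internet":    (ip_network("0.0.0.0/0"),     0),
    "partner_vpn": (ip_network("10.50.0.0/16"),  1),
    "user_lan":    (ip_network("10.10.0.0/16"),  2),
    "critical_db": (ip_network("10.200.0.0/24"), 3),
}

def segment_of(ip):
    """Most specific segment containing ip; 0.0.0.0/0 only wins for public IPs."""
    addr = ip_address(ip)
    return max((s for s, (net, _) in SEGMENTS.items() if addr in net),
               key=lambda s: SEGMENTS[s][0].prefixlen)

@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    dport: int

def perimeter_policy(flow):
    """First-generation model: block inbound from the Internet, allow everything
    else. Inside-to-inside traffic is never inspected, so lateral movement passes."""
    if segment_of(flow.src) == "internet" and segment_of(flow.dst) != "internet":
        return "deny"
    return "allow"

# Segmented model: an enforcement point sits between every pair of segments and
# only explicitly listed (src_segment, dst_segment, dport) tuples may cross.
SEGMENT_RULES = {
    ("user_lan", "internet", 443),
    ("user_lan", "critical_db", 443),    # users reach the DB only via its HTTPS front end
    ("partner_vpn", "critical_db", 443),
}

def segmented_policy(flow, audit_log):
    src, dst = segment_of(flow.src), segment_of(flow.dst)
    verdict = "allow" if src == dst or (src, dst, flow.dport) in SEGMENT_RULES else "deny"
    # Every crossing is recorded: a denied east-west flow is exactly the visibility
    # the text says internal enforcement points add when a workstation is compromised.
    audit_log.append(f"{verdict} {src}->{dst}:{flow.dport} ({flow.src}->{flow.dst})")
    return verdict

def compare(flow):
    """Return (perimeter verdict, segmented verdict, audit log) for one flow."""
    log = []
    return perimeter_policy(flow), segmented_policy(flow, log), log
```

Running `compare(Flow("10.10.5.7", "10.200.0.10", 5432))` models a compromised workstation opening a direct database connection: the perimeter model allows it silently, the segmented model denies it and leaves an audit line.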