When it comes to network security, the perimeter has traditionally been the primary defense. Organizations have invested a significant amount of time, money and resources into firewalls and other perimeter security technologies aimed at keeping unauthorized network traffic outside and sensitive company information inside. Lately, there have been a lot of pundits and analysts stating that the perimeter is dead. In this SearchSecurity article, Mike Chapple declares the obituary of the perimeter both premature and wreckless.
What Mike points out is that the perimeter is not “dead”, it is just not the primary focus any longer. I, myself, have stated that the perimeter has shrunk and the focus has changed. We have an increasingly mobile workforce, and an ever-growing population of wireless / mobile devices, combined with the realization that the authorized users inside the network are also a threat. The bottom line is that the perimeter is still a vital and important aspect of network security (as well as being required by most infosec statutes and mandates), but it can not be relied upon as the sole, or even primary defense for the network. Attention has to be given to protecting the endpoints, and securing the wireless airwaves, and proactively defending against other threats that a perimeter firewall won’t protect the network from.