Summary
In this chapter, we covered the various security mechanisms typically deployed to protect the enterprise network from threats. We also presented methods to secure the common network services e-mail, DNS, file transfer, and Internet access to avoid costly implementation mistakes. In the securing websites section, we covered leveraging a layered security approach to ensure coverage with a focus on secure coding and database encryption.
Network segmentation was presented as a method to protect internal critical assets from both internal and external threats. The flexibility of trust-based security architecture was presented for securing both internal and external access to the enterprise assets. We explored the three most common network areas, the DMZ, internal network, and internally segmented network, finding ways to simplify implementation and manage security with agile security architecture.
In the next chapter, we will cover securing systems in the enterprise from the data-centric...
