Definition of Perimeter Security

It is very easy to talk about Informatic security in vague and general terms, but difficult to find people without professional training in the subject that they master the jargon and know the concepts behind the words of the slang.

It is the case of the safety perimeter of a network computing, since if you ask users, very few or no one will know how to define what it is, and if the network has or does not have it.

In fact, the name is quite intuitive of the concept it hides, and if we make a parallel with the physical security of a building, the security perimeter protects the edges of the local network from the dangers that may arise from other networks to which it can be interconnected, generally, Internet

People say that Internet it is a network of networks not in vain, since it connects to an infinity of local networks. And these connections are made through a gateway, usually a router

For example, in our home we have a local network set up, since our devices connect to the router, such as the

smartphone and the computer, and from this device, a cable comes out, which is the one that brings the Internet signal. Therefore, we join two different networks allowing the passage of information between one and the other.

If he router or switch it only lets the information pass from one place to another and does not provide any additions in terms of security services, we will have to take care of the prevention contagion of computer viruses and malware attacks in each of the connected terminals, while if we establish measures in the device that acts as a “bridge” between networks (therefore, the perimeter of our local network), we will have created a secure area of ​​doors to indoors.

If we create a safe space between the internal and external network, it is called demilitarized zone

and it allows the passage of incoming information from the local network and the Internet, but the sending of information is only allowed to the Internet, thus protecting the local network by isolation.

What is customary to locate in these demilitarized zones are the servers that can execute tasks and services required from the Internet, such as the email or web server.

Among the security elements that allow us to define perimeter security and a demilitarized zone, we have the firewall, which allows us to block requests that reach services that we do not want, the catwalks antivirus, virtual private networks (VPNs) and honeypots.

These last devices are a “trap” that allows an intruder to be distracted from the real computer systems of the company or organization.

Faced with the dilemma of having to protect several and different devices connected to the local network, we can use a centralized approach, defending a gateway behind which the various terminals connected to the network are parapeted local.

Photos: Fotolia - Peter Jurik / Freshidea

Perimeter Security Topics