“…The architecture of the network perimeter is changing. The wisdom of the past was to harden the perimeter as much as possible by layering multiple technologies to detect and protect against threat. The concept was to secure organizational borders and then, after that, the network. There were various business drivers that put this “perimeterization” in sync with the needs of the business. These drivers include:
- The explosion of IP addresses, with one on nearly every electronic device, and with some of these devices, such as mobile phones, having significant associated business functionality
- Increased connectivity from outside the enterprise environment by customers, employees, and business partners, and
- Increased business relationships of various forms including relationships in a “coopetition” - a situation where a competitor in one field is also a business partner in another.

One difficulty with the hardened perimeter model is that as more and more technologies are added to the perimeter, the management burden increases, in some cases faster than the rate of deployment of the new technologies. Additionally, with so many “band-aid” type solutions layered at the perimeter, it eventually becomes hardened to the point that it negatively impacts the ability of the business to react effectively to new opportunities or to conduct business. We need to rethink this approach, and need to realize that while we are adding point technologies to the network perimeter in the name of security, we are also dramatically increasing the complexity of the perimeter and thereby making it more difficult for the business to respond to new opportunities…”
To learn more about deperimeterization, check out:
http://technet.microsoft.com/en-us/library/cc512604.aspx
HTH,
Tom
Thomas W Shinder MD, MCSE, MVP