Bringing this back to security—instead of thinking “I need a firewall,” you should be thinking “I need a Policy Enforcement Point that can control network traffic, and a way to define that policy across my infrastructure.” Or, from another angle—instead of thinking “I need to deploy an IDS here to examine my web app traffic for SQL injections,” you should be thinking “I need to make sure that the web application traffic is scanned for SQL injections before it is processed by the app. I have several PEPs in my architecture that may be able to accomplish this goal.” -- Zero Trust Security, An Enterprise Guide, p51
Sunday, March 7. 2021
"Policy Enforcement" vs "Firewall/IDS"
Trackbacks
Trackback specific URI for this entry
No Trackbacks