In data protection, defense in depth relates to the coordination of different security mechanisms used to defend the authenticity of an organization’s operational resources. A complicated and multi-layered security plan is more challenging to defeat than breaking past a single impediment, which is the underlying military philosophy behind this method (Hu et al., 2019). A Modern Distributed Data Communication System (DDCS) is made up of hardware and software components that allow data to be created and transferred across a numerous computer nodes and between several workstations and servers (Hu et al., 2019). Due to the high degree of complexity in these technologies, many vulnerabilities might be leveraged to weaken the safety or completeness of the data they are designed to safeguard (Hu et al., 2019). To implement a multi-tiered defensive plan, often known as defense in-depth, it is necessary to consider a variety of known vulnerabilities.
By providing a network with several layers of security, it lessens the possibility that any type of malware will be effective in their endeavors to get permissions to the network or any other connection that they may choose to join. A defense-in-depth strategy can help minimize the damage that cybercriminals can do to a website if and when they gain entry while also giving server admins the time to deploy the most up-to-date and comprehensive security measures (Abdelghani, 2019). Many different types of software and hardware may be utilized to provide network security protection. A list of the apparatus used in the creation of the LAN are provided below, and it are addressed fully in the report.
First, intrusion detection systems (IDS) and intrusion prevention systems (IPS) identify hazards that can take the shape of ransomware, spyware, viruses, parasites, and various other types of assaults. They also detect dangers that are generated as a result of policies being violated (Cai et al., 2019). It is important to note that the primary distinction between the two tools is that IDS programs quietly analyze and log activities. In contrast, IPS solutions do continuous monitoring to detect and block assaults from known and unknown origins (Cai et al., 2019). Both systems can identify and categorize the kind of assaults that are being launched. Second, anti-Malware is software that assists the system administrator in detecting and eliminating malware that has been transmitted throughout the network (Cai et al., 2019). Anti-malware is constantly on the lookout for various forms of loopholes in the connection, such as security defenses in computer systems, websites, operating systems, and other programs, among other factors.
Third, proxy servers operate as a middleman between clients attempting to access demand to request solutions and the services themselves. When clients establish a connection with the proxy server, the network device will seek the assistance the client desires. The proxy server prevents the client from accessing its IP address (Cai et al., 2019). Fourth, firewalls are often deployed between a worldwide exterior network and a protected internal network to ensure that both networks are protected. Firewalls are used to monitor and manage the traffic flows following the security procedures that the network administration has established (Cai et al., 2019). Many different types of security gadgets may be used and put to use in different situations. The network diagram that I have drawn is a simple local area network (LAN) that may be utilized in various circumstances. It is built on firewalls, intrusion detection systems, intrusion prevention systems, and proxy servers.
References
Abdelghani, T. (2019). Implementation of defense in depth strategy to secure industrial control system in critical infrastructures.American Journal of Artificial Intelligence, 3(2), 17-22.
Cai, C., Mei, S., & Zhong, W. (2019). Configuration of intrusion prevention systems based on a legal user: The case for using intrusion prevention systems instead of intrusion detection systems.Information Technology and Management, 20(2), 55-71.
Hu, Z., Mukhin, V., Kornaga, Y., Herasymenko, O., & Mostoviy, Y. (2019). The analytical model for distributed computer system parameters control based on multi-factoring estimations. Journal of Network and Systems Management, 27(2), 351-365.