Software-defined protection (SDP) is a computer network security architecture and methodology that combines network security devices and defensive protections which leverage both internal and external intelligence sources. An SDP infrastructure is designed to be modular, scalable, and secure. The SDP architecture partitions the security infrastructure into three interconnected layers. The Enforcement Layer inspects traffic and enforces protection within well-defined network segments. The Control Layer generates security policies and deploys those protections to enforcement points. The Management Layer orchestrates the infrastructure and integrates security with business processes. The SDP architecture supports traditional network security and access control policy requirements, as well as the threat prevention required for enterprises implementing technologies such as mobile computing and software-defined networking (SDN).


Enforcement Layer

The Enforcement Layer of SDP enables organizations to design segmented networks, implement physical and virtual security enforcement points based upon that segmentation, and execute the protection logic for the prescribed network segments. SDP incorporates the principle of segmentation into the Enforcement Layer. Segmentation divides a network into compartments that have different security characteristics. Based upon segment requirements, security controls are established for threat containment and recovery. Enforcement points, or platforms for executing protections, must then be implemented at the boundaries of the segments to enforce the defined protection logic. Enforcement points may be implemented as network security gateways, host-based software, mobile device applications, or virtual machines in the cloud.


Control Layer

The Control Layer is the core of the SDP architecture. Its role is to generate protections and deploy them for execution at the appropriate enforcement points within the Enforcement Layer. To develop the appropriate protections, the Control Layer relies upon repositories of data that include knowledge of the organization and its information systems (access control), knowledge of data assets and their classifications (data protection) and knowledge of threats (threat prevention). Security solutions commonly implemented within the Control Layer include firewall, anti-virus, application control, threat emulation, anti-bot, anti-spam and email security, data loss prevention (DLP), and intrusion prevention systems (IPS). Through systematic mapping of these protective controls to the associated risk for each segment and its assets within the Enforcement Layer, organizations can deliver multi-layer protection against attacks.


Management Layer

The Management Layer serves as the interface between network administrators and the other two layers of the SDP infrastructure. This layer supports the enterprise segmentation and enables the definition of access and data control policies and the activation of threat prevention separately. The Management Layer also provides the ability to delegate management of policies to specific administrators, who can work on them simultaneously. The Management Layer provides visibility into what is happening in the network, supports proactive incident response, and provides the intelligence required to tailor security controls for the organization.
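To make the division of labour between the three layers concrete, the following is an added toy model (it is not code from this page or from any SDP product). The Management Layer part is the segment table, the access-control intent and the threat-intelligence list; the Control Layer is the compile_rules() function that turns that intent into an ordered rule set for the enforcement point guarding one segment; the Enforcement Layer is the enforce() function that evaluates a flow at the segment boundary with first-match semantics and a default deny. Segment names, CIDRs, ports, the classification ranking and the indicator address are all constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Segment:
    name: str
    cidr: str
    classification: str  # "public" < "internal" < "restricted" (constructed ranking)

# --- Management Layer: segmentation and policy intent (all values constructed) ---
SEGMENTS = {
    "dmz":  Segment("dmz",  "203.0.113.0/24", "public"),
    "corp": Segment("corp", "10.10.0.0/16",   "internal"),
    "pci":  Segment("pci",  "10.20.0.0/24",   "restricted"),
}
# Access-control intent: a flow from src segment to dst segment on dst_port is permitted.
ACCESS_POLICY = [("dmz", "corp", 443), ("corp", "pci", 5432), ("corp", "dmz", 80)]
# Threat intelligence: source addresses blocked at every enforcement point (constructed indicator).
THREAT_INDICATORS = ["198.51.100.7"]
CLASS_RANK = {"public": 0, "internal": 1, "restricted": 2}

@dataclass(frozen=True)
class Rule:
    action: str            # "allow", "inspect" (allow with IPS inspection) or "block"
    src: Optional[str]     # CIDR the source must fall in; None means any source
    dst: Optional[str]     # CIDR the destination must fall in; None means any destination
    port: Optional[int]    # destination port; None means any port
    reason: str

def compile_rules(segment_name):
    """Control Layer: turn intent plus intelligence into the ordered rule set
    for the enforcement point that guards segment_name."""
    seg = SEGMENTS[segment_name]
    # Threat prevention comes first so an indicator is blocked even if policy would allow it.
    rules = [Rule("block", ioc, None, None, "threat-intel indicator") for ioc in THREAT_INDICATORS]
    for src, dst, port in ACCESS_POLICY:
        if dst != segment_name:
            continue
        # Flows into internal or restricted segments are allowed only with inline inspection.
        action = "inspect" if CLASS_RANK[seg.classification] >= 1 else "allow"
        rules.append(Rule(action, SEGMENTS[src].cidr, seg.cidr, port, f"policy {src}->{dst}:{port}"))
    # Anything else entering the segment is denied.
    rules.append(Rule("block", None, seg.cidr, None, "default deny into segment"))
    return rules

def _matches(rule, src_ip, dst_ip, dst_port):
    if rule.src is not None and ip_address(src_ip) not in ip_network(rule.src):
        return False
    if rule.dst is not None and ip_address(dst_ip) not in ip_network(rule.dst):
        return False
    if rule.port is not None and rule.port != dst_port:
        return False
    return True

def enforce(rules, src_ip, dst_ip, dst_port):
    """Enforcement Layer: first matching rule wins; returns (action, reason).
    A flow that matches no rule at all is still blocked (fail closed)."""
    for rule in rules:
        if _matches(rule, src_ip, dst_ip, dst_port):
            return rule.action, rule.reason
    return "block", "no rule matched"

if __name__ == "__main__":
    pci_rules = compile_rules("pci")
    for flow in [("10.10.4.2", "10.20.0.10", 5432),
                 ("203.0.113.5", "10.20.0.10", 5432),
                 ("198.51.100.7", "10.20.0.10", 5432)]:
        print(flow, "->", enforce(pci_rules, *flow))
```

The ordering inside compile_rules() is the point of the model: threat-prevention rules are emitted before access-control rules so that intelligence overrides policy, and the per-segment default deny is emitted last so that a segment boundary never silently permits a flow the Management Layer did not describe. Re-running compile_rules() after a segment, policy or indicator changes is how a new protection is "deployed" to an enforcement point in this toy.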

