In the early days defining your perimeter was easy. The perimeter consisted of your castle. Security consisted of a moat with drawbridge, high walls with guards stationed on top. When a visitor wanted entry he was announced and the landlord decided if he could enter or not.
The early networks had a similar setup. The perimeter was your network and the firewall your perimeter defense. The rules set on the box defined whether or not a connection could enter the perimeter. Since no intelligence was added another rule set defined what connections could get out. The stateless firewall was born.
So ... what is your perimeter? … Is it the data centre that hosts your servers? Is it the buildings where your employees have their desk? Should you consider the Wireless Network your using as a part of the perimeter or as a threat? Mobile devices travelling around are constantly accessing your network swapping out data. Are they outside your perimeter or should you consider them a part of it?
Once your perimeter is defined the challenge gets really started: how will you secure it?
Flyers