Jump to content

Talk:Defense in depth (computing)

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by SineBot (talk | contribs) at 11:47, 17 April 2016 (Signing comment by 108.91.176.27 - "Routers and switches?: "). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.
WikiProject iconComputing: Networking / Security Stub‑class Low‑importance
WikiProject iconThis article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.ComputingWikipedia:WikiProject ComputingTemplate:WikiProject ComputingComputing
StubThis article has been rated as Stub-class on Wikipedia's content assessment scale.
LowThis article has been rated as Low-importance on the project's importance scale.
Taskforce icon
This article is supported by Networking task force (assessed as Low-importance).
Taskforce icon
This article is supported by WikiProject Computer security (assessed as Mid-importance).
Things you can help WikiProject Computer security with:
Article alerts are available, updated by AAlertBot. More information...
  • Review importance and quality of existing articles
  • Identify categories related to Computer Security
  • Tag related articles
  • Identify articles for creation (see also: Article requests)
  • Identify articles for improvement
  • Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc.
  • Find editors who have shown interest in this subject and ask them to take a look here.

Just started this stub

Luis F. Gonzalez 22:37, 17 November 2006 (UTC)[reply]

Merge from Defense in Depth

I merged Defense in Depth to this page, and created a disambiguation page at the former. I felt this was the right move because Defense in Depth was describing the computer security term, not the military term, though they're rather intertwined. A redirect felt out of place, as it isn't obvious what someone searching for "defense in depth" really wants to see. I just want to make sure everyone is okay with this. -FrankTobia (talk) 06:41, 22 November 2007 (UTC)[reply]

Sources

I noticed that a user recently removed a {{Fact}} tag, for good reason I believe. However we should note that this article has no sources. I am not a computer security expert, and I would feel more comfortable if there was at least once authoritative source to be had. Can anyone either dig one up, or point me in the right direction? -FrankTobia (talk) 18:15, 6 December 2007 (UTC)[reply]

"Writing Secure Code", by Michael Howard and David LeBlanc, Microsoft Press (the second edition is current, but I have the first), has a one-page write-up on Defense in Depth. --MattiasAndersson (talk) 22:18, 28 August 2008 (UTC)[reply]

The website http://www2.sea.siemens.com/Products/Process-Automation/safetyandsecurity/industrialsecurity/Process-Automation-SafetyandSecurity_Security.htm?languagecode=en has links and discussion of Defense in Depth for process control —Preceding unsigned comment added by Shloshed (talkcontribs) 01:44, 16 May 2008 (UTC)[reply]

Routers and switches?

I've never been paid to do IT, so take this outsider's comment with requisite salt, but: How are "routers and switches" considered a security strategy? If someone clueful agrees with me and removes that line from the article, feel free to remove this comment too, to declutter the talk page. Myself248 (talk) 22:58, 12 June 2009 (UTC)[reply]

Routers and switches provide logs than should be collected and compared against a baseline in order to detect anomalous traffic. Also by implementing features on the switch like turning off unused ports and restricting certain types of traffic to specific ports or spans, you reduce your attack profile. — Preceding unsigned comment added by 108.91.176.27 (talk) 11:46, 17 April 2016 (UTC)[reply]

Did NSA really invent this?

There's no date on the linked PDF file, but it does reference earlier work in September of 2000. Surely this isn't the first conception of Defense in Depth as an IT best practice? Perhaps it was already known but under another name and NSA coined this term for an existing practice. Can someone show prior art? -- 24.7.80.209 (talk) 11:39, 10 September 2009 (UTC)[reply]

I agree that this doesn't sound quite right. I'll look into it as well. Jeffp231 (talk) 20:26, 23 January 2010 (UTC)

  • Looks to be established possibly by US Defense-wide Information Assurance Program (contains NSA)
  • 1998 April USCENTCOM - Seems to be pre-established.

"To this end, the Navy has defined, as an integral part of the IT-21 initiative and the NVI, a Defense in Depth strategy which utilizes currently available protection technology in a layered system of defenses designed to protect the confidentiality, integrity, authenticity and availability of the information and IT systems on which network centric warfare depends" http://www.chips.navy.mil/archives/98_apr/Galik.htm

"Our plans integrate resources from outside the command into an information defense in depth structure. As we look to the future, DIO at USCENTCOM will continue driving to achieve the Joint Vision 2010 goal of information superiority" http://www.chips.navy.mil/archives/98_oct/definfo.htm

"DoD-wide IA requirements, determine the return on our IA investments, and objectively assess our defense-in-depth efforts" http://csrc.nist.gov/nissc/1999/proceeding/papers/o32.pdf

204.108.0.11 (talk) 01:21, 27 February 2010 (UTC)

Retrieved from "https://en.wikipedia.org/w/index.php?title=Talk:Defense_in_depth_(computing)&oldid=715690502"