# Perimeter
The network perimeter is a foundational concept in cybersecurity. Simply put, it is the boundary where an internal network meets external networks, whether the internet at large or other third-party systems. In tangible terms, the perimeter is embodied by the devices that sit on that boundary, such as routers, firewalls, VPN gateways and load balancers: the gatekeepers for traffic entering or leaving your network.
The perimeter is the first line of defense against external threats. By securing and monitoring this boundary, IT professionals control what traffic enters and exits the network, and reduce the risk posed by malicious actors. It is also the surface that an attacker (or an external scanner) sees first, which is why its definition must be accurate.
Identifying the network perimeter is crucial for an IT professional. The following steps help you outline it:

1. **Map your network.** Start by creating a network diagram. Include all networking devices, servers, workstations and wireless access points, and do not forget remote and cloud resources if they are part of your infrastructure.
2. **Identify your boundaries.** With the map in hand, identify where your network interfaces with external systems. These are the entry points into your network: your internet uplinks, remote access points and connections to cloud services.
3. **Note down the boundary devices.** Record all the hardware that sits at these boundaries, such as routers, firewalls and modems, together with the public addresses or address ranges assigned to them. These devices and addresses are your network perimeter.
4. **Include remote connections.** In today's remote-first work environment, a device connecting via VPN or another remote access technology is also part of your perimeter. Keep a clear inventory of these devices and their security configuration, bearing in mind that they usually have no fixed public address of their own, only a tunnel address.
5. **Update regularly.** Networks evolve; what your perimeter looks like today might change tomorrow. Review and update your perimeter definition whenever the network changes, and verify it periodically even when you believe it has not.

Remember that in the era of cloud resources and remote work, the traditional notion of a single perimeter is dissolving. Modern IT professionals often work with a 'perimeterless' (zero-trust) network, where each device and user forms its own micro-perimeter. In that case, identifying the perimeter means building a comprehensive inventory of all devices, users and their respective access privileges, rather than listing a handful of public IP addresses.
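The procedure above carried out in code, as an added worked example that is not part of the original page or of any product's own tooling. It takes a constructed inventory of boundary devices (hypothetical site and device names; the public addresses are RFC 5737 and RFC 3849 documentation ranges standing in for real public space), drops every interface that is not reachable from the internet, distinguishes a single address on an ISP's shared segment from a range delegated to you, and collapses the rest into the CIDR blocks that make up each deployment's perimeter. VPN clients that only have a tunnel address are reported separately, since they belong to the perimeter but have no fixed public address to list.

```python
"""Derive a perimeter definition (public CIDR blocks per deployment) from a
boundary-device inventory. Added example; the inventory is constructed and
uses RFC 5737 / RFC 3849 documentation addresses as stand-ins for public space."""
import ipaddress
from collections import defaultdict

# Address space that is never reachable from the internet and therefore never
# part of the perimeter: RFC 1918, CGNAT (RFC 6598), loopback, link-local,
# IPv6 ULA. Kept explicit instead of using IPv4Address.is_global, because
# Python also classifies the documentation ranges used below as non-global.
NON_ROUTABLE = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10",
    "127.0.0.0/8", "169.254.0.0/16", "0.0.0.0/8",
    "fc00::/7", "fe80::/10", "::1/128",
)]

# Constructed inventory (hypothetical names): one row per interface on a device
# that sits at a boundary. "delegated" means the ISP assigned the whole prefix
# to us (a datacenter range), not just the single address on a shared segment.
INVENTORY = [
    {"site": "office", "device": "office-router", "role": "router+vpn-gateway",
     "addr": "203.0.113.10/24", "delegated": False},   # ISP segment, one IP is ours
    {"site": "office", "device": "office-router", "role": "router+vpn-gateway",
     "addr": "192.168.1.1/24", "delegated": True},     # LAN side, internal only
    {"site": "office", "device": "laptop-42", "role": "vpn-client",
     "addr": "10.8.0.42/32", "delegated": False},      # remote device, tunnel address
    {"site": "datacenter", "device": "dc-fw-1", "role": "firewall",
     "addr": "198.51.100.17/29", "delegated": True},   # ISP delegated the /29 to us
    {"site": "datacenter", "device": "dc-web-1", "role": "server",
     "addr": "198.51.100.19/29", "delegated": True},
    {"site": "datacenter", "device": "dc-db-1", "role": "server",
     "addr": "10.20.0.5/24", "delegated": True},       # internal only
    {"site": "datacenter", "device": "dc-fw-1", "role": "firewall",
     "addr": "2001:db8:abcd::1/64", "delegated": True},
]


def is_routable(addr):
    """True if the address (string or address object) is reachable from the internet."""
    ip = ipaddress.ip_address(addr)
    return not any(ip in net for net in NON_ROUTABLE)


def perimeter_block(entry):
    """CIDR block this inventory row contributes to the perimeter, or None if the
    interface is internal-only."""
    iface = ipaddress.ip_interface(entry["addr"])
    if not is_routable(iface.ip):
        return None
    # A delegated range is ours in full; a single address on the ISP's shared
    # segment contributes only that host, never the ISP's whole subnet.
    if entry["delegated"]:
        return iface.network
    return ipaddress.ip_network(str(iface.ip))


def build_perimeter(inventory):
    """Steps 2-4 of the procedure: group boundary addresses per deployment,
    collapse them into minimal CIDR blocks, and list remote endpoints that reach
    the network only through a tunnel (no public address to list, still inventoried)."""
    per_site = defaultdict(list)
    remote = []
    for entry in inventory:
        block = perimeter_block(entry)
        if block is not None:
            per_site[entry["site"]].append(block)
        elif entry["role"] == "vpn-client":
            remote.append(entry["device"])
    result = {}
    for site, blocks in per_site.items():
        v4 = [b for b in blocks if b.version == 4]
        v6 = [b for b in blocks if b.version == 6]
        result[site] = {
            "ipv4": [str(b) for b in ipaddress.collapse_addresses(v4)],
            "ipv6": [str(b) for b in ipaddress.collapse_addresses(v6)],
        }
    return result, sorted(set(remote))


if __name__ == "__main__":
    sites, remote_devices = build_perimeter(INVENTORY)
    for site, blocks in sites.items():
        print(f"{site}: {blocks}")
    print("remote endpoints (tunnel address only):", remote_devices)
```

With the constructed inventory the office collapses to the router's single public address and the datacenter to the delegated /29 plus its /64, one entry per deployment, while the VPN laptop is listed as a remote endpoint rather than an address. Rerunning the script against a refreshed inventory is the cheapest way to implement step 5: diff today's output against yesterday's and investigate any block that appeared or disappeared.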
## Examples
### Example 1
Imagine you have a single router in the office that also serves as the VPN gateway for the office network. In that case your network perimeter is the public IP address of that router.
### Example 2
Imagine you have a few servers in a datacenter in addition to the office network. Most probably the datacenter provider has delegated a small IPv4 range to you for internet connectivity, while the office ISP has given the router/modem a single, separate public IP address. In that case we advise you to create two deployments: one for the datacenter, with the delegated IP range as its perimeter, and one for the office, with the router's public IP address as its perimeter.
### Example 3
You have your own CIDR block and ASN, and you announce the block over BGP. Congratulations! Use your network inventory to determine the perimeter (typically the announced prefixes, or the subset of them that is actually in use) and enter that. If you need an advanced scanning configuration or filtering at a different layer, drop us an email at [email protected]. Also check out ELLIO: Intelligence, which will probably be a better fit for a network of this size.