Talk:Defense in depth (computing)

This article was nominated for deletion on 20 February 2007. The result of the discussion was keep.

This article is rated Start-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects:

Computing: Networking Low‑importance This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.ComputingWikipedia:WikiProject ComputingTemplate:WikiProject ComputingComputing articles Low This article has been rated as Low-importance on the project's importance scale. This article is supported by Networking task force (assessed as Low-importance). This article is supported by WikiProject Computer Security (assessed as High-importance). Things you can help WikiProject Computer Security with: edit history watch purge Article alerts will be generated shortly by AAlertBot. Please allow some days for processing. More information... Answer question about Same-origin_policy Review importance and quality of existing articles Identify categories related to Computer Security Tag related articles Identify articles for creation (see also: Article requests) Identify articles for improvement Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc. Find editors who have shown interest in this subject and ask them to take a look here.

Luis F. Gonzalez 22:37, 17 November 2006 (UTC)[reply]

I merged Defense in Depth to this page, and created a disambiguation page at the former. I felt this was the right move because Defense in Depth was describing the computer security term, not the military term, though they're rather intertwined. A redirect felt out of place, as it isn't obvious what someone searching for "defense in depth" really wants to see. I just want to make sure everyone is okay with this. -FrankTobia (talk) 06:41, 22 November 2007 (UTC)[reply]

I noticed that a user recently removed a {{Fact}} tag, for good reason I believe. However we should note that this article has no sources. I am not a computer security expert, and I would feel more comfortable if there was at least once authoritative source to be had. Can anyone either dig one up, or point me in the right direction? -FrankTobia (talk) 18:15, 6 December 2007 (UTC)[reply]

"Writing Secure Code", by Michael Howard and David LeBlanc, Microsoft Press (the second edition is current, but I have the first), has a one-page write-up on Defense in Depth. --MattiasAndersson (talk) 22:18, 28 August 2008 (UTC)[reply]

The website http://www2.sea.siemens.com/Products/Process-Automation/safetyandsecurity/industrialsecurity/Process-Automation-SafetyandSecurity_Security.htm?languagecode=en has links and discussion of Defense in Depth for process control —Preceding unsigned comment added by Shloshed (talk • contribs) 01:44, 16 May 2008 (UTC)[reply]

I've never been paid to do IT, so take this outsider's comment with requisite salt, but: How are "routers and switches" considered a security strategy? If someone clueful agrees with me and removes that line from the article, feel free to remove this comment too, to declutter the talk page. Myself248 (talk) 22:58, 12 June 2009 (UTC)[reply]

Routers and switches provide logs than should be collected and compared against a baseline in order to detect anomalous traffic. Also by implementing features on the switch like turning off unused ports and restricting certain types of traffic to specific ports or spans, you reduce your attack profile. — Preceding unsigned comment added by 108.91.176.27 (talk) 11:46, 17 April 2016 (UTC)[reply]

To elaborate on the previous comment: enterprise grade routers and switches run operating systems. They themselves can be exploited and badness can ensue (replay attacks for example). They also offer a variety of security features: ACLs, VLANs, 802.1x port security. Switches can also be utilized to mitigate risk associated with attacks like ARP flooding or ARP cache poisoning. The list goes on. If you are really curious, look into Cisco IOS hardening guidance.

69.254.150.47 (talk) 20:28, 12 November 2016 (UTC)

There's no date on the linked PDF file, but it does reference earlier work in September of 2000. Surely this isn't the first conception of Defense in Depth as an IT best practice? Perhaps it was already known but under another name and NSA coined this term for an existing practice. Can someone show prior art? -- 24.7.80.209 (talk) 11:39, 10 September 2009 (UTC)[reply]

I agree that this doesn't sound quite right. I'll look into it as well. Jeffp231 (talk) 20:26, 23 January 2010 (UTC)

• Looks to be established possibly by US Defense-wide Information Assurance Program (contains NSA)
• 1998 April USCENTCOM - Seems to be pre-established.

"To this end, the Navy has defined, as an integral part of the IT-21 initiative and the NVI, a Defense in Depth strategy which utilizes currently available protection technology in a layered system of defenses designed to protect the confidentiality, integrity, authenticity and availability of the information and IT systems on which network centric warfare depends" http://www.chips.navy.mil/archives/98_apr/Galik.htm

"Our plans integrate resources from outside the command into an information defense in depth structure. As we look to the future, DIO at USCENTCOM will continue driving to achieve the Joint Vision 2010 goal of information superiority" http://www.chips.navy.mil/archives/98_oct/definfo.htm

"DoD-wide IA requirements, determine the return on our IA investments, and objectively assess our defense-in-depth efforts" http://csrc.nist.gov/nissc/1999/proceeding/papers/o32.pdf

204.108.0.11 (talk) 01:21, 27 February 2010 (UTC)