Domains of Trust

Domains of trust are established to segment a network into parts that share similar policy and concerns. The security required of systems in a network varies with their importance to the business and the likelihood of their being attacked. Consistent security controls should be applied within a segment, and trust relationships should be defined between segments. Segments can have different trust models, depending on the security needed.

Figure 10-10 illustrates two examples of domains of trust. Case 1 places internal and external portions of a network together in the domain on the far left, so the security policy within that domain will not be consistent. In contrast, Case 2 includes four domains, each with unique security requirements, and is therefore a better division into domains of trust.

Figure 10-10 Domains of Trust (figure not reproduced; surviving labels: Case 1, External Servers)
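The two rules stated above (consistent controls within a segment, defined trust relationships between segments) can be checked mechanically against a segmentation plan. The following is an added example, not part of the original text: the asset names, domain labels, security levels, and flows are constructed assumptions that mirror Case 1 (internal and external mixed in one domain) and Case 2 (four separate domains).

```python
from itertools import combinations

# Constructed inventory rows: (asset, domain, exposure, required security level).
# Asset names, domain labels and levels are illustrative assumptions.
CASE_1 = [
    ("public-web", "left", "external", "low"),
    ("hr-db", "left", "internal", "high"),
    ("partner-link", "right", "external", "medium"),
]
CASE_2 = [
    ("public-web", "dmz", "external", "low"),
    ("partner-link", "partner", "external", "medium"),
    ("staff-pc", "users", "internal", "medium"),
    ("hr-db", "data", "internal", "high"),
]
# Explicit trust relationships between segments: pair -> allowed flows.
# An empty list is still a definition ("no trust"); a missing pair is a gap.
CASE_2_TRUST = {
    frozenset(("dmz", "data")): [],
    frozenset(("dmz", "users")): ["users->dmz"],
    frozenset(("dmz", "partner")): [],
    frozenset(("users", "data")): ["users->data"],
    frozenset(("partner", "data")): [],
}  # ("partner", "users") is deliberately left undefined


def inconsistent_domains(assets):
    """Return domains whose members do not share one (exposure, level) profile."""
    profiles = {}
    for _name, domain, exposure, level in assets:
        profiles.setdefault(domain, set()).add((exposure, level))
    return {d: sorted(p) for d, p in profiles.items() if len(p) > 1}


def undefined_trust(assets, trust):
    """Return domain pairs that have no explicitly defined trust relationship."""
    domains = sorted({row[1] for row in assets})
    return [pair for pair in combinations(domains, 2) if frozenset(pair) not in trust]


if __name__ == "__main__":
    print("Case 1 inconsistent:", inconsistent_domains(CASE_1))
    print("Case 2 inconsistent:", inconsistent_domains(CASE_2))
    print("Case 2 undefined trust:", undefined_trust(CASE_2, CASE_2_TRUST))
```

Case 1's mixed domain is flagged because one control set cannot fit both of its profiles. Case 2 passes the consistency check but still reports the one domain pair whose trust relationship was never written down.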

