The purpose of The Tips and Tricks Guide to Secure Content Appliances is to answer common questions about secure content appliances and their role in enterprise security. The guide is divided into four volumes. Each volume is presented in a Q & A format, and discusses the following four topics: Business Justification for Secure Content Appliances, Policies and Procedures for Secure Content Management, System Architecture and Secure Content Management, and Secure Content Appliance Performance. Together the four volumes address the many of the questions that arise when considering the deployment of a secure content appliance.
Q: How does a secure content device complement other security devices?
A: A secure content device compliments several security devices, including:
No single security device can address all security threats; in addition, some degree of overlap provides supplementary protection to an enterprise’s information infrastructure.
Q: What topics should be addressed in secure content policies?
A: Content policies can be organized around two dimensions: first, services provided on the network, including:
Second, based on threats, such as
There is clearly overlap, for example, between how spam is handled in an SMTP email system and a POP3 email system. At the same time, different protocols or services have different vulnerabilities and require different types of monitoring. For example, private or confidential information can be transmitted via email or FTP; however, FTP’s long history of vulnerabilities warrants attention to those conditions.
Q: Where should a secure content appliance be placed?
A: Secure content appliances are used to control what is allowed to enter and leave an organization's network. It follows logically that the device should be located on the perimeter of the network. Perimeters can use a single layer of defense with a single level of firewalls that block ports and filter network traffic at the lower levels of the OSI network model. A common configuration creates a multi-level perimeter known as a DMZ (de-militarized zone).
DMZs use multiple network segments to create three zones: the external zone, which includes the Internet; the internal zone, which includes an organization's network, servers, desktops, and other devices accessible to the internal network; and the DMZ, which lies between the internal and external zone.
Q: What are threats to content and information assets must organizations address?
A: The major threats to information assets include:
Left unchecked, these threats can leave organizations with compromised computers, security breaches, loss of information, identity theft victims, and reduced ROI on information technology (IT) investments because resources are consumed with non-business related content.
By sponsoring a book with Realtime Publishers, you will connect your technology company with thousands of IT professionals who need information on the technology topic of your choice. Realtime Publishers works with only the best authors in the IT field to produce expert-level publications that appeal to and educate the IT professional audience.
Visit sponsorships.realtimepublishers.com to learn more about our wide array of sponsorship and content marketing opportunities.