Network Attack Surface
by Brent Kirkpatrick
(Date Published: 1/24/2018.)
Suppose you have an old, unsupported Windows 95 machine, that you absolutely must keep running and keep connected to the Internet. This machine has major vulnerabilities. Where do those vulnerabilities appear on your network attack surface?
Suppose you have a network of 10 routers and 100 end-points, some of which are clients and some are servers. There are at least 3.5 x 10113 ways to arrange your network. You want a configuration that aids security and reduces your network attack surface.
With a dynamic network where some uses move from router to router, you need to be even more careful of the network attack surface. Suppose your unsupported Windows machine is a laptop that uses the wireless network. How do you arrange your wireless routers to mitigate the vulnerabilities of a mobile, unsupported computer? It is literally a walking mess of vulnerabilities.
Intrepid Net Computing can share principles of secure network design. Secure your infrastructure. Secure your data.
defendIT (TM). AI-driven security measures derived from security incident data.