
Characteristics of the Cloud Network of the Future

August 18, 2017

While perimeter defenses may remain in place, they will play a lesser part in the overall protective function and become more distributed. The diagram above depicts scenarios in which the combination of network firewalls and security overlays allows a typical zone model to be implemented across the multiple organizations, sites, users and mobile devices that perform the work of the enterprise.


While cautioning that much of the vision of de-perimeterization is not yet practical, there is clear value in adopting a layered model as the target security model for the future. The reality of de-perimeterization shifts the emphasis of risk mitigation, and the investment in policy-enforcement mechanisms, toward the systems and applications that host the resources themselves.


Fundamentals

  1. The scope and level of protection should be specific and appropriate to the asset at risk.
  • Business demands that security enables business agility and is cost-effective.
  • Whereas boundary firewalls may continue to provide basic network protection, individual systems and data will need to be capable of protecting themselves.
  • In general, it’s easier to protect an asset the closer the protection is provided to it.
  2. Security mechanisms must be pervasive, simple, scalable, and easy to manage.
  • Unnecessary complexity is a threat to good security.
  • Coherent security principles are required which span all tiers of the architecture.
  • Security mechanisms must scale, from small objects to large objects.
  • To be simple and scalable, interoperable security “building blocks” need to be capable of being combined to provide the required security mechanisms.
  3. Assume context at your peril.
  • Security solutions designed for one environment may not be transferable to work in another. Thus, it is important to understand the limitations of any security solution.
  • Problems, limitations, and issues can come from a variety of sources, including geographic, legal, technical, acceptability of risk, etc.
  4. Devices and applications must communicate using open, secure protocols.
  • Security through obscurity is a flawed assumption; secure protocols demand open peer review to provide robust assessment and thus wide acceptance and use.
  • The security requirements of confidentiality, integrity, and availability (reliability) should be assessed and built into protocols.
  • Encrypted encapsulation should only be used when appropriate, and does not solve everything.
  5. All devices must be capable of maintaining their security policy on an untrusted network.
  • A “security policy” defines the rules with regard to the protection of the asset.
  • Rules must be complete with respect to an arbitrary context.
  • Any implementation must be capable of surviving on the raw Internet, i.e., it will not break on any input.