Here is one of the best recommended architectures for network and security advisors. It was proposed by F5 and treats ingress traffic under a "Reverse/Forward Proxy" model, with mitigation at three different tiers.
* In this design, most anomalies and volumetric attacks should be detected and mitigated on the "First-tier (Cloud Tier)". As a result, our chosen cloud service provider publishes and protects our critical services before those attacks can reach our main data center.
* Next, all legitimate traffic and even probable bad actors should be checked on the "Second-tier (Network Tier)" for other types of attack vectors and/or anomalies that could not be found at the first line of defense (Cloud Tier). For example, some of the vital components of the "Network Tier" are: L2-L4 DDoS protection engine, north-south NGFW, IPS, and threat intelligence feedback services.
* Then, before traffic reaches the 'Server-farm', the "Third-tier (Application Tier)" should perform some of the remaining tasks, including: SSL off-loading, TLS handshake attack mitigation, L7 DDoS protection, ADC (Application Delivery Controller) deployment, east-west NGFW, and so on.