Online server security is becoming by necessity complicated as attacks levelled at online infrastructure become more sophisticated. For this reason the concept of security via “defence in depth” has become the gold standard in online security. The idea of defence in depth is that multiple layers of countermeasures are deployed against a would be attacker with each requiring different expertise, levels of access and luck to breach.
A secure server deployment employing a defence in depth has three layers of security:
- Firewall - Memset Packet Patrol
- Vulnerability Scanning - Memset Perimeter Patrol
- Intrusion Detection - Memset Penetration Patrol
Each of these layers represents a different and vital facet of keeping a server secure. When they are all in place they will complement each other in that trying to circumvent one will likely show up in another making a successful, unnoticed attack extremely difficult to carry out.
The first layer of protection is a firewall which limits the exposure of the server to malicious traffic and ensures that all traffic is restricted to permitted ports and protocols.
The second layer of protection is vulnerability scanning which ensures that all network facing software is up-to-date and correctly configured limiting the attack surface of the server.
The final security measure is intrusion detection which will detect unauthorised entry or abnormal operations on the server should the first two countermeasures fail or a trusted party is performing unauthorised actions on the server.
Please navigate to the relevant sections to find out more information on what these security countermeasures are and how to configure these Memset services.
Last updated 11 February 2016, 09:59 GMT