Network Security Architectures
By IncludeHelp Last updated : July 27, 2024
The following are the network security architecture models:
- Security Zones (DMZ, Trusted/Untrusted Zones)
- Network Segmentation
- Defense in Depth
- Zero Trust Architecture
Let us discuss each model in detail.
1. Security Zones (DMZ, Trusted/Untrusted Zones)
Security zones are defined areas within a network with specific security policies and access controls. These zones help manage and reduce risks by separating different types of traffic and resources.
The following are the types of security zones:
- Trusted Zones
- Untrusted Zones
- DMZ (Demilitarized Zone)
2. Network Segmentation
Network segmentation is the practice of splitting a network into smaller subnetworks, or segments. Each segment acts as an isolated zone with its own security policies and access controls. By restricting communication between segments, organizations can limit the spread of malware and unauthorized access.
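The zone and segmentation ideas from sections 1 and 2 can be expressed as a default-deny policy between segments. The following is an added example, not code from the original tutorial; the subnets, segment names, ports and sample flows are all constructed assumptions.

```python
import ipaddress

# Constructed addressing plan (assumed values): segment name -> subnet.
SEGMENTS = {
    "dmz": ipaddress.ip_network("10.0.1.0/24"),
    "trusted-app": ipaddress.ip_network("10.0.2.0/24"),
    "trusted-db": ipaddress.ip_network("10.0.3.0/24"),
}

# Allow-list of (source zone, destination zone, TCP port); all else is denied.
ALLOWED_FLOWS = {
    ("untrusted", "dmz", 443),
    ("dmz", "trusted-app", 8443),
    ("trusted-app", "trusted-db", 5432),
}

# Constructed sample flows: (source address, destination address, TCP port).
SAMPLE_FLOWS = [
    ("203.0.113.7", "10.0.1.10", 443),   # internet client -> DMZ web server
    ("203.0.113.7", "10.0.3.5", 5432),   # internet client -> database
    ("10.0.1.10", "10.0.2.20", 8443),    # DMZ web server -> application tier
    ("10.0.1.10", "10.0.3.5", 5432),     # DMZ web server -> database
    ("10.0.2.20", "10.0.3.5", 5432),     # application tier -> database
]


def zone_of(address):
    """Return the segment containing the address, or 'untrusted' if none does."""
    ip = ipaddress.ip_address(address)
    return next((n for n, net in SEGMENTS.items() if ip in net), "untrusted")


def is_allowed(src, dst, port):
    """Default-deny decision for a flow; same-segment traffic crosses no boundary."""
    src_zone, dst_zone = zone_of(src), zone_of(dst)
    if src_zone == dst_zone:
        return src_zone != "untrusted"
    return (src_zone, dst_zone, port) in ALLOWED_FLOWS


def denied_flows(flows):
    """Return the flows that the segment policy blocks."""
    return [flow for flow in flows if not is_allowed(*flow)]


if __name__ == "__main__":
    for flow in SAMPLE_FLOWS:
        print("ALLOW" if is_allowed(*flow) else "DENY", flow)
```

Both denied flows target the database segment directly, which shows how a host in the DMZ or the untrusted zone is confined to the one path the policy permits.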
3. Defense in Depth
Defense in Depth is a security strategy that uses multiple layers of defense to protect your network. The idea is that if one layer fails, others will still provide protection. This approach ensures that your network is secure from various types of threats and attacks.
4. Zero Trust Architecture
Zero Trust Architecture (ZTA) is a framework that demands proper identity verification for every person and device attempting to access resources on a private network, whether they are inside or outside the network's edge. Unlike traditional "castle and moat" security models, ZTA assumes that threats can come from both inside and outside the network.