Building a SOLlD, Secure Network
Wednesday, June 11, 2008
Posted by: Irene E. Edge
By: Irene E. Edge, Assistant Professor, Kent State University (firstname.lastname@example.org)
Northeast Ohio Chapter, AITP
Mark Ciampa, leading author of network security textbooks for Course Technology, states: "Although you need many defenses to withstand attacks, you base these defenses on a few fundamental security principles: protecting systems by layering, limiting, diversity, obscurity, and simplicity."1
I have always found it effective to create an acronym when trying to remember elements of a list, so by taking the first letter of these five principles, the letters can be rearranged to form the acronym SOLlD. [Note: The second L is intended to be lower case (to resemble an i).]
Here is my explanation of the acronym SOLlD as it refers to building a secure network:
Simplicity - Though you want to build your network complex enough on the outside to ward off intruders, you do not want to create internal policies and procedures that are too difficult to manage preventing users from being productive in their daily tasks.
Obscurity - Concealing internal network activity from external view should be one objective of the security implementation. Included in obscurity should also be the avoidance of clear patterns of behavior -- even to the point of random time settings for synchronizing critical data across the domain.
Layering - Building layers of defense to protect information security is critical. Layering includes the physical grounds as well.
limiting - Allowing limited access to information through authentication, permissions, access rights, distribution of keys or other access to the physical grounds reduces attacks.
Diversity - The application of security techniques (e.g., technologies, hardware and software manufacturers, passwords, traffic filters) that are different will ensure that intrusion at one layer will not guarantee further access by the same method.
I encourage you to carefully examine the system that is housing your valuable data. Can you apply the SOLlD set of principles to your security plan? Consider what is missing so that you can create a SOLlD, secure network, protecting your valuable information from attacks.
 Ciampa, Mark. Security+ Guide to Network Security Fundamentals, 2nd edition. Course Technology, 2005, p.72.