Defence in Depth for Securing Computer Systems/Preparation



Baselining


Before you can look at defending anything from attack you need to know two things:


1. Where does your boundary lie?

2. What exactly are you defending?


The first requirement is simple. Where is the boundary of your defences? Where does your domain end and the rest of the world (i.e. the internet) begin? You can’t defend the castle if you are unsure where the castle wall is located.


The second requirement is just as simple. What is in your network? What are you defending? What types of defences do you need to mount? There is a quote from the Art of War (Sun Tzu) that describes this type of situation well:


If you know the enemy and know yourself you need not fear the results of a hundred battles


Basically, the simple answer is to know what’s out there before the attacker does (knowing the enemy will come a little later in this paper).


Baselining activity consists of two steps: