Why Do I Need a Data Center Best Practice Security Policy?
Protect the availability, confidentiality, and integrity
of your network and valuable assets against external and internal attacks.
It is critical to protect the availability, confidentiality, and integrity
of your network so that you can run your business securely, without
interruption, and in compliance with regulations governing the protection
of sensitive data. The idea of hardening the exterior of the network
while allowing the interior to remain soft because the interior is
trusted is outdated: it leaves the network open to attack from the
inside and doesn’t plan for a scenario in which a determined, resourced,
persistent attacker finds a foothold inside the perimeter. That’s why
you need to protect the data center perimeter and interior as strongly
as you protect the enterprise network perimeter.
Inside attacks can originate from sources such as current employees
or on-site contractors. The common thread in inside attacks is that
the attack comes from a legitimate user or application source. Outside
attacks can originate from cyber-criminals, hacktivists, and state-sponsored
attackers, and from less obvious avenues of attack such as compromised
partner or vendor systems, or a former employee who knows the network.
The first step for an outside attacker is to gain a foothold inside
the network, which transforms the attack into an inside attack. In essence, all
breaches are inside attacks even if they originate on the outside,
because once an attacker gains access to the network, the attacker
can roam throughout the network.
If an attacker steals the legitimate access credentials of a
partner, the attacker can access your data center disguised as a
legitimate user. Then, from the “soft, chewy interior” of your network,
the attacker can use your internal servers and endpoints to move
laterally through the network and compromise critical systems. Once
an outside adversary breaches the network, you rely on network and
user segmentation and layered defenses inside the network to protect
your data, the same as when an attack originates from the inside.
Developing a best practice security policy helps protect your
data center from attacks regardless of origin, in a staged and prioritized
manner, securing the most valuable assets first and then phasing
in additional protection. A gradual transition from a hope-for-the-best
security policy to a best practice security policy helps to ensure
the confidentiality of your data, the integrity of your organization,
and the availability of the data center in a practical way. The
following recommendations for designing and implementing a data
center best practice security policy show you how to safely enable
applications, users, and content by classifying all traffic, all
the time, with minimal disruption to end users.