Perimeter Security

Going back to my house construction example, we are now at the fencing stage: we need to build a boundary wall with a gateway for trusted access. To secure our perimeter, we first need:

  • Network Policies based on whitelisting.

  • Deny All by default.

  • Apply ports/protocol level filters.

  • Do not allow any to any.

  • System to system access policy with firewall rules or network policies.

  • Sometimes cloud providers add external IP sources to the network policies or security groups of the services they manage, for monitoring, management or security scanning.

  • Make sure you validate the whitelisted sources as trusted ones, for example a cloud-managed database service, a managed Kubernetes service or vulnerability scanners. Confirm these sources with your cloud provider.
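
The checklist above can be turned into an automated review of an exported rule set. The following is an added example, not part of the original page: the rule fields (`action`, `src`, `dst`, `proto`, `ports`), the `TRUSTED` list and all addresses are constructed assumptions, not any cloud provider's schema.

```python
import ipaddress

# Constructed sample rules (documentation/private ranges, no real environment).
# Field names are assumptions for this example, not a provider's schema.
RULES = [
    {"id": "r1", "action": "allow", "src": "10.0.1.0/24", "dst": "10.0.2.10/32", "proto": "tcp", "ports": "5432"},
    {"id": "r2", "action": "allow", "src": "0.0.0.0/0", "dst": "0.0.0.0/0", "proto": "all", "ports": "all"},
    {"id": "r3", "action": "allow", "src": "198.51.100.7/32", "dst": "10.0.2.10/32", "proto": "tcp", "ports": "443"},
    {"id": "r4", "action": "allow", "src": "203.0.113.0/24", "dst": "10.0.3.5/32", "proto": "all", "ports": "all"},
]
# Sources you have validated: internal ranges plus provider ranges confirmed
# with the cloud provider (here a constructed placeholder range).
TRUSTED = ["10.0.0.0/16", "203.0.113.0/24"]


def is_any(cidr):
    """True for 0.0.0.0/0 or ::/0."""
    return ipaddress.ip_network(cidr).prefixlen == 0


def is_trusted(cidr, trusted):
    """True only if the whole source range sits inside a validated range."""
    net = ipaddress.ip_network(cidr)
    return any(net.version == t.version and net.subnet_of(t)
               for t in map(ipaddress.ip_network, trusted))


def audit(rules, trusted, default_action="deny"):
    """Return (rule id, issue) pairs for rules that break the checklist."""
    findings = []
    if default_action != "deny":
        findings.append(("default", "default action is not deny"))
    for r in rules:
        if r["action"] != "allow":
            continue
        if is_any(r["src"]) and is_any(r["dst"]):
            findings.append((r["id"], "any-to-any"))
        if r["proto"] == "all" or r["ports"] == "all":
            findings.append((r["id"], "no port/protocol filter"))
        if not is_trusted(r["src"], trusted):
            findings.append((r["id"], "source not in trusted list"))
    return findings


if __name__ == "__main__":
    for rule_id, issue in audit(RULES, TRUSTED):
        print(f"{rule_id}: {issue}")
```

Rule `r4` shows why validating a source is not enough on its own: the provider range is trusted, but the rule still lacks a port/protocol filter.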
