(also network perimeter, perimeter security)
Security perimeter definition
Security perimeter in cybersecurity includes multiple security solutions that you can use to protect your network from hackers, cyberattacks, and other unauthorized access. Additionally, the purpose of a security perimeter is to protect private networks by detecting threats, providing 24/7 monitoring, analyzing attack patterns, and responding effectively. So a security perimeter serves as a secure wall between private networks like a company’s intranet and the public internet.
See also: screened subnet firewall, area border router
Security perimeter components
- Border routers. They serve to direct the traffic that comes into, goes out of, and passes through a network. A border router is the last router that a company controls before traffic goes out to an unfamiliar and unprotected network, like the internet.
- Firewalls. They are used to additionally filter the traffic that goes through border routers by following specific rules you set to allow or block certain types of outgoing or incoming traffic.
- Intrusion detection system. This is essentially an alarm system that detects and informs you of suspicious activity on your network. You use one or more devices to create a comprehensive detection system, placing sensors at strategic points in your network.
- Intrusion prevention system. As opposed to an intrusion detection system that notifies you of potential threats, an intrusion prevention system can automatically defend your network without you having to interfere directly.
- Demilitarized zones/screened subnets. These small networks are connected to firewalls and do not contain valuable information. Instead, they include public services that are protected by the firewall or other filtering tools.