Skip to content

Dated: 12-11-2024

Ch02 what Does the Term, Box Security Mean

  • "Box Security" refers to a prevalent approach in the industry, especially in larger organizations in which the solution for every security challenge is in the form of a "box" or device

Box for

  • Email security
  • Web security
  • FW
  • IPS
  • APT attack prevention
  • DDOS prevention
  • Network DLP
  • Network Forensics
  • Others
  • Security is a combination of people, process, and technology
  • Industry observation: most of the devices are not used to full capability or capacity after purchase
  • Case in point: SIEM solution or DB security solution
  • "Box security" is not the silver bullet
  • Although many devices and boxes are required, they do not ensure a good security posture
  • This approach is unfortunately promoted by many vendors who have equipment to sell
  • Consider organizational maturity & readiness
  • Other challenges with "box security" approach:
    • Shortage of staff (IT & security)
    • Training and skill required to operate the sophisticated devices and features
      Pasted image 20241112181103.png
  • Device objectives, and high-level-design (HLD) should be planned prior to commissioning
  • Min operational baseline and configuration should be documented in SOP
  • Device feature set and configuration audits should be conducted on a periodic basis (annual)
Which of the following refers to a prevalent approach in the industry in which the solution for every security challenge is in the form of a "box" or device.
  • box Challenge
  • Box Solution
  • Box Redundancy
  • Box security