The Edge (of the Network) is Everywhere Redefining the traditional sense of the perimeter

For many years the primary focus of network defense concentrated on securing the 'edge.' This concept of the edge or perimeter was a clearly demarcated point on the network. This security model proved to be effective. In keeping with the cat and mouse game, attackers shifted their focus to target inside machines and users with phishing tactics and zero-day malware. Once a user's machine is under the control of an attacker, the edge defenses are usually less effective. In addition, many organizations lack network segmentation and authorization, allowing the attacker to pivot throughout the network. The concept of the edge needs to be redefined. Today's edge extends well beyond the traditional perimeter into the internal network. As such a 'zero trust' network security model should be adopted. In order to secure the edge of today, the technology needs to be flexible and capable of following a user no matter the location or device. Static controls are no longer the answer. A layer 7 firewall with user-based policies can be utilized to create internal network segmentation. Technologies referenced for implementing this security model will be a Fortinet security appliance, Fortinet's single sign-on technology, and Microsoft Active Directory.