What are the seven domains of a typical IT infrastructure? (2024)

Abdullah Alshehri CPP®, PSP®, PCI®, CISM®, LPC, CPD

Certified Protection Professional (CPP), Physical Security Professional (PSP), Professional Certified Investigator (PCI), Certified Information Security Manager (CISM), Loss Prevention Certified (LPC), Certified CPTED Professional

Published Dec 12, 2021

Organizations of all sizes are exposed to many types of cyberattacks in cyberspace, which requires them to strengthen their IT security. IT professionals adopt security best practices to mitigate these threats by implementing countermeasures in each of the seven domains of the IT infrastructure. Each domain is regarded as a portal for attackers, so it is important to protect every one of them and eliminate all possible vulnerabilities to prevent cyberattacks. So, what are these seven domains?

1. User domain

The user domain is the first domain and represents the end user who accesses the organization's IT infrastructure from either inside or outside the network. People are often the weakest link in IT security. Without addressing the risks associated with users, even the strongest technical and physical security cannot protect a company from cyberthreats. To mitigate threats and risks in this domain, the company must establish and implement strong security controls and policies, including robust password policies, two-factor authentication (2FA), an acceptable use policy (AUP), access privilege management, and an employee training and awareness program about cybersecurity threats.

2. Workstation domain

The workstation domain is the next layer that needs strong security controls. This domain contains the devices used to access the organization's IT infrastructure (PCs, laptops, smartphones, etc.). A user's workstation can be infected by viruses or malware and can be accessed by hackers; therefore, the company should harden all computers used by its employees and adopt a defense-in-depth strategy. Hardening is the process of making a computer more resistant to intrusion and malicious attack. It is achieved by implementing strong controls: software revisions, security patches, system configuration, anti-virus and anti-malware software, and workstation login IDs and passwords.

3. LAN domain

The third layer is the LAN domain, which includes all the technologies that establish the local area network and connect to the organization's IT infrastructure. The LAN is a prime target for cyberattacks, so it needs strong controls in place. Segmentation is a good practice in which the network is divided for different users (employees vs. visitors). This ensures that outsiders who connect to the network do not infect it with malware. In addition, the firewall should apply egress filtering to limit users' access to the Internet. Users usually need access to ports 80 and 443, but other ports should be authorized case by case. Users should not be able to reach the Internet on every port, to avoid being infected by malware or botnets. IT also needs to apply network security protocols to encrypt communication and ensure that data transported over the network's connections stays safe and secure.
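One way to check that the firewall actually enforces this policy is to replay its flow log against the rules. The following is an added example, not part of the original article; the address plan, the approved exception and the log format are assumptions made for illustration.

```python
import ipaddress

# Assumed address plan and approvals (hypothetical values for illustration).
SEGMENTS = {"employees": ipaddress.ip_network("10.10.0.0/16"),
            "visitors": ipaddress.ip_network("10.99.0.0/24")}
WEB_PORTS = {80, 443}  # egress every user gets by default
EXCEPTIONS = {("employees", "203.0.113.25", 587)}  # approved case by case

def segment_of(ip):
    """Name of the LAN segment containing ip, or None for an outside address."""
    return next((n for n, net in SEGMENTS.items() if ip in net), None)

def evaluate(src, dst, port):
    """Return (verdict, reason) for one flow under the policy above."""
    src_seg = segment_of(ipaddress.ip_address(src))
    dst_seg = segment_of(ipaddress.ip_address(dst))
    if src_seg is None:
        return "deny", "source outside known segments"
    if dst_seg is not None:
        if dst_seg == src_seg:
            return "allow", "same segment"
        return "deny", f"cross-segment {src_seg} -> {dst_seg}"
    if port in WEB_PORTS:
        return "allow", "default web egress"
    if (src_seg, dst, port) in EXCEPTIONS:
        return "allow", "approved exception"
    return "deny", f"port {port} not authorized for {src_seg}"

def audit(flow_log):
    """Return (line, expected_verdict, reason) where the firewall disagreed."""
    findings = []
    for line in flow_log.strip().splitlines():
        action, src, dst, port = line.split()
        verdict, reason = evaluate(src, dst, int(port))
        if action != verdict:
            findings.append((line, verdict, reason))
    return findings

# Constructed firewall log lines: "<action> <src> <dst> <dst_port>"
SAMPLE_LOG = """
allow 10.10.4.20 198.51.100.7 443
allow 10.10.4.20 203.0.113.25 587
allow 10.10.7.31 198.51.100.9 6667
allow 10.99.0.15 10.10.4.20 445
deny 10.99.0.15 198.51.100.7 80
"""

if __name__ == "__main__":
    print(*audit(SAMPLE_LOG), sep="\n")
```

On the sample log the audit reports the unapproved port 6667, the visitor-to-employee connection, and a web request that was blocked although the policy permits it.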

4. LAN-to-WAN domain

The LAN-to-WAN domain is where the IT infrastructure connects to the Internet. In this complex domain, important security controls need to be applied. All security appliances in this domain must be configured to comply with policy definitions, including the following: (1) IP routers, which transport IP packets to and from the Internet, need to be logically configured with access control lists that filter traffic (permit or deny); (2) a firewall to filter traffic; (3) a demilitarized zone (a LAN segment), which serves as a buffer zone for inbound and outbound traffic; (4) an intrusion detection system, which examines traffic to identify attacks and malicious intent and triggers an alarm once it detects a threat; (5) a proxy server, which serves as a middleman where data is analyzed and screened before it is relayed to the IT infrastructure; (6) a web content filter, which filters domain names and prevents unauthorized traffic from entering the IT infrastructure; (7) an email content filter, which blocks the content of all emails until they are properly screened for viruses, then allows clean emails to pass to users.

5. WAN domain

The WAN domain is the wide area network in which all other entities exist, including other businesses, websites, and all external users. Over the WAN, end users communicate with the LAN using virtual private networking (VPN), FTP, or Secure Shell (SSH). In this domain, propping the LAN-to-WAN domain will mitigate any risk that comes from the WAN. Using firewalls, as mentioned before, and conducting constant penetration tests are very important to ensure that the domain is secured.

6. Remote access domain

The remote access domain is where employees gain access to an organization's IT infrastructure remotely (e.g., from home). Remote access introduces risks to the organization's IT. A virtual private network (VPN) is used to provide a secure remote access connection across the Internet. A VPN uses encryption and authentication to ensure the confidentiality, integrity, and privacy of communications through the network. It creates an encrypted communications tunnel over a public network such as the Internet. It is important that users are authenticated through two-factor authentication (2FA) before accessing the network. Robust procedures need to be created for remote access, such as conducting regular audits, monitoring login attempts, and using strict firewall ACLs.
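The login monitoring and the 2FA requirement described above can be audited together from the VPN gateway's authentication events. The following is an added example, not part of the original article; the event names, log format, threshold and time window are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

FAIL_LIMIT = 3                 # assumed threshold for a failure burst
WINDOW = timedelta(minutes=5)  # assumed sliding window

# Constructed VPN gateway events: "<ISO time> <user> <source IP> <event>"
SAMPLE_EVENTS = """
2024-01-15T08:00:05 alice 198.51.100.10 password_ok
2024-01-15T08:00:20 alice 198.51.100.10 mfa_ok
2024-01-15T08:00:21 alice 198.51.100.10 session_open
2024-01-15T08:02:00 bob 203.0.113.50 password_fail
2024-01-15T08:02:30 bob 203.0.113.50 password_fail
2024-01-15T08:03:10 carol 203.0.113.50 password_fail
2024-01-15T08:10:00 dave 192.0.2.77 password_ok
2024-01-15T08:10:01 dave 192.0.2.77 session_open
"""


def audit_remote_logins(events):
    """Return alerts for sessions opened without 2FA and for failure bursts."""
    alerts = []
    mfa_done = set()              # (user, source) pairs with a completed second factor
    failures = defaultdict(list)  # source IP -> times of recent failed attempts
    for line in events.strip().splitlines():
        stamp, user, src, event = line.split()
        when = datetime.fromisoformat(stamp)
        if event == "mfa_ok":
            mfa_done.add((user, src))
        elif event == "session_open":
            if (user, src) not in mfa_done:
                alerts.append(("session_without_2fa", user, src))
            mfa_done.discard((user, src))  # each new session needs its own 2FA
        elif event in ("password_fail", "mfa_fail"):
            # Count per source IP so failures spread across accounts still add up.
            recent = [t for t in failures[src] if when - t <= WINDOW] + [when]
            failures[src] = recent
            if len(recent) == FAIL_LIMIT:  # alert once when the limit is reached
                alerts.append(("failure_burst", user, src))
    return alerts


if __name__ == "__main__":
    print(*audit_remote_logins(SAMPLE_EVENTS), sep="\n")
```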

7. System and application domain

The system and application domain includes all systems and software applications that users access, such as application servers, web servers, proprietary software, and applications. Database servers host data that is accessed by users, applications, or other servers. Therefore, a data loss prevention system is very important for monitoring when and where copies of such files are written, and by whom or by what process. It is important to maintain these systems and software by patching them regularly and by installing antimalware/antivirus software to stop infections downloaded through email or from a compromised website. Finally, user training and awareness are essential to ensure that users recognize phishing and social engineering schemes, so that hackers cannot penetrate the network through them.

Securing these seven domains is the starting point for addressing cyberthreats in any company. Regular risk assessments should be conducted to identify the risks and threats the company faces, and effective security measures should be taken to reduce, neutralize, and eliminate the identified threats. Establishing an IT security program that encompasses administrative, physical, and technical measures and controls is crucial to ensure that the company's IT infrastructure is protected. The company's employees should receive constant awareness and training sessions to educate them about security threats, including social engineering attacks. Finally, auditing and penetration testing need to be conducted regularly to identify problems proactively and address them.

'Lanre B.

Senior IT Security Consultant

Nice piece. What does propping as used in "propping the LAN-to-WAN..." mean?
