Need Help?

Sales Assistance

800.808.4239 Mon-Fri 7am-7:30pm CT

Answer within 24 hours.

Products Solutions & Services Account Center
More search options

Solutions & Services > Security > Defense In Depth

Defense In Depth

What Is A Defense In Depth Strategy?

Although the seemingly constant stream of new viruses, worms, rootkits, denial of service (DoS) attacks, and other security threats achieve substantial publicity, such threats don’t usually receive notice until significant damage has already occurred.

For most organizations, the network perimeter has expanded and blurred with the proliferation of social networking, remote access, and cloud computing. In addition, operations like yours are frequently required to provide a degree of network access to vendor partners and customers so that they can access pertinent information. With all of these potential entry points, it has never been more imperative for IT stakeholders to proactively support a comprehensive risk management strategy.


The number of known malware in existence.

Source: McAfee Threats Report: First Quarter 2012

Defense In Depth describes a series of strategies that collectively build a security protection plan that mitigates malicious attacks from entering your environment and corrupting your systems and data. Defense In Depth is not just a series of security software and appliances, but a process and constant practice that focuses on protection, detection, and reaction.

How Will Defense In Depth Benefit My Organization?

Implementing foundational security tools like anti-virus, anti-malware, anti-spam, firewalls, content filtering, access controls, encryption, intrusion prevention can deliver big benefits including:

  • Limited exposure to threats—Safeguarding all vectors and protecting your blind spots from new and cutting-edge attacks
  • Safeguards against data loss and crime—Minimizing the disclosure of confidential data
  • Enhanced productivity—Creating a more predictable model for responding to emerging threats

How Can I Help My Organization Embrace Defense In Depth?

When evaluating threat prevention solutions, be sure to:

  • Deploy a suite of products. Many vendors bundle several threat protection technologies into sets, enabling cost savings and improved inter‑operability.
  • Understand where your most sensitive data resides.
  • Determine network vulnerabilities.
  • Outline remediation actions necessary to minimize system and data threats.

What Comprises A Defense In Depth Solution?

There are four key network areas to consider when developing a strong information security strategy:

Gateway And Network

Gateway protection is critically important. Effective threat prevention solutions include anti-virus, anti-spam, content filtering, intrusion prevention, firewall and virtual private network services, and network access control.

Server Security

Attackers see servers as keys to the kingdom. If the server doesn’t contain the information sought, it provides a means of accessing it. Anti‑malware protection, authentication, IP security, and content filtering can help minimize this threat.

Client Security

Attackers often attempt to compromise client systems to gain access. Threat prevention tools include anti‑virus, personal firewalls, threat protection, and anti-spyware.

Application Security

Attackers can exploit vulnerabilities in application code to access or manipulate the information within it. Employing firewalls and authentications to protect applications and implementing security policies can mitigate these risks.

Getting Started With Defense In Depth:

Your CDW·G Account Manager and certified Solution Architects are ready to assist you with every phase of selecting and implementing the right solution for your IT environment. Our approach includes:

  • An initial discovery session to understand your goals, requirements, and budget
  • An assessment review of your existing environment and definition of project requirements
  • Detailed vendor evaluations, recommendations, future design, and proof of concept
  • Procurement, configuration, and deployment of the final solution
  • Ongoing product lifecycle support

Security Partnerships and Certifications

  • Certified Cisco Systems Integrator
  • Certified Ethical Hacker (CEH)
  • CISA (Certified Information Systems Auditor)
  • Cisco Certified Internetwork Expert: Security
  • Cisco Master Security Specialized
  • CISSP (Certified Information Systems Security Professional)
  • CSSLP (Certified Secure Software Lifecycle Professional)
  • Global Certified Incident Handler (GCIH)
  • Global Information Assurance Certification (GIAC)
  • Global Security Essentials Certification (GSEC)
  • HIPAA Academy Certified
  • Homeland Security Certified
  • Mail Security for Exchange Sales Expert
  • Microsoft Certified Systems Engineer: Security
  • PCI Approved Scanning Vendor
  • Symantec AV and Client Security Certification
  • Symantec Control Compliance Suite 8
  • Symantec Control Compliance Suite Sales Expert
  • Symantec Endpoint Protection
  • Symantec Endpoint Sales Expert
  • Symantec Enterprise Security Manager Sales Expert
  • Symantec IM Manager Sales Expert
  • Symantec Mail Security
  • Symantec Network Access Control Sales Expert
  • Symantec Security Management Sales Expert
  • Symantec Security Information Manager 4.5



The Cloud Built For You

CDW Threat Check