Back
POSITIVE SECURITY MODEL

Positive Security Model: Need & Usage

Network Security Models:

There are two types of Network Security Model:

  • Positive Security Model
  • Negative Security Model

In this post, we will discuss Positive Security Model in detail.

Positive Security Model

While setting up Web facing applications, a lot of consideration is given to how the security posture for such applications would be like. Especially in case of large enterprise or Data Centers, Web Application Firewalls (WAFs) are an inseparable part of the security setup. These firewalls are required to implement security mechanism based on some standard approach. This is where a Positive Security Model comes to play, which is also called Whitelist Model. Positive security model is all about reducing the attack surface area by only allowing known so called good traffic only.

Let’s comprehend the model in more detail – Positive Security model blocks everything in the start and what is allowed is positive. This model is built on the concept of permitting specific, approved traffic, action and other functions. Due its positive behaviour and allowing only that traffic “which is positive”, this model is mostly used by firewalls and to provide a safer communication path. Positive Model WAF allows access to certain specific rules. This means that each rule which gets added renders greater access and contrary to this, having no rules in place will block everything by default.

Positive model is useful when you know what type of content you offer and you are well aware that what you need to allow i.e. which port for your webserver and the content on servers never changes. So that’s why a positive security model is required. Firewalls in a network works on this model. The main advantage of implementing a positive security model in the network is that zero-day attack can be prevented. However, there are some caveats to positive model i.e. if change in behaviour of an application occurs or its communication flow is modified, we need to create a new policy in order the application to work.

Gartner’s Magic quadrant rating is considered the de facto reference source for organizations to evaluate vendor products. In case of Web Application Firewalls, Gartner strictly considers Positive Security model support and its adherence as one of the key parameters to rate and categorize respective vendor product in the Magic Quadrant.  Hence, customer buying is significantly impacted by Gartner’s rating.

Key Attributes of Positive Security Model

To summarize, we can enlist some key attributes of positive security model as under –

  • You decide what is valid, everything else will be blocked.
  • Pros: Much Better protection compared to Negative Model.
  • Cons: Requires “Whitelisting” to be performed in order to not block legitimate visitors. Also incurs additional overhead compared to “Negative Security Model”.

 

Continue Reading:

Positive Security Model vs Negative Security Model

Firewall vs Proxy

Tag:

Rashmi Bhardwaj

I am here to share my knowledge and experience in the field of networking with the goal being - "The more you share, the more you learn."

I am a biotechnologist by qualification and a Network Enthusiast by interest. I developed interest in networking being in the company of a passionate Network Professional, my husband.

I am a strong believer of the fact that "learning is a constant process of discovering yourself."
- Rashmi Bhardwaj (Author/Editor)

You may also like

Simplifying Power over Ethernet PoE Installation
Simplifying Power over Ethernet PoE Installation
19 November, 2024
Cloudflare – What is it
What is Cloudflare? Working, Uses, Pros & Cons
14 November, 2024
Configure DHCP Relay Traffic to Use SD-WAN Rules
Configure DHCP Relay Traffic to Use SD-WAN Rules
12 November, 2024

Leave A Reply

Your email address will not be published. Required fields are marked *

16 − 13 =

Select your currency
USD United States (US) dollar
INR Indian rupee