What is multi-layer defense?

Multilayer defense refers to a security strategy composed of multiple independent security management layers, ensuring continued functionality even if one layer fails or is compromised. These layers generally include factors such as personnel, technology, and operations. By layering these management systems, attacks that cannot be mitigated by one layer during data processing can be blocked by another layer within the same system.

There are several ways to implement a multilayer defense strategy. For technical aspects, it is recommended to consider the following three points:

1. Denial-of-Service (DoS) Protection: Implementing DoS protections blocks DoS attacks, preventing them from overloading applications while improving the quality and predictability of the customer experience. To maximize the effectiveness of DoS protections, deploy them globally at network boundaries to cover all applications, APIs, services, and supplement other traffic management and security tools. DoS solutions also help block Distributed Denial-of-Service (DDoS) attacks, enhancing their impact. DDoS attacks involve the use of numerous bots or compromised systems to flood specific web assets, applications, or one or more IP addresses with large amounts of traffic.
2. Web Application Firewall (WAF): Deploy a WAF between the DoS protection layer and the load balancer or Ingress controller. A WAF blocks sophisticated Layer 7 attacks that target vulnerabilities like those listed in the OWASP Top 10. WAFs should provide powerful, out-of-the-box protection settings for developers unfamiliar with security practices, while also offering customization for specific use cases defined by users.
3. Authentication and Authorization: Ensure that traffic management tools like load balancers, API gateways, and Ingress controllers are properly configured to authenticate and authorize all access requests to applications and infrastructure. This is especially critical in Kubernetes or microservices-oriented environments, where services are loosely coupled and accessible externally via APIs. A robust and continuous authentication process, including multi-factor authentication (MFA) for human interaction, helps validate all connections, reduce attack vectors, and enhance overall security.