1. Introduction


One of the first things you learn when you start looking into computer security is that about 80% of the attacks reported on networks come from the inside, principally from fired or disgruntled employees, from external consultants, or from malicious hackers who got inside the network one way or another (a non-secured Internet connection, plugged-in modems, social engineering, getting hired by the victim under false pretenses, etc.). Since the explosive growth of the Internet, this number has tended to fall, but the latest estimates still state that between 60% and 80% of network incidents happen on the internal network. However, the majority of computer security companies put most of their effort into securing the periphery of the network while leaving the internal network itself completely open, whether through lack of awareness of the problem, lack of competence, or, more often, lack of money to fund a project affecting every workstation on a network.

I have seen for myself on a few occasions, while on duty, that once the periphery of the network is circumvented, the rest of the network is just like a big ripe fruit that we simply have to pick. This is why it is imperative to define measures that will enhance the overall security of computer networks while keeping costs as low as possible. This can be done by optimizing the tools that are already in place and by automating the deployment process, which reduces direct human interaction, itself error-prone and costly because it takes longer.

2. Definition of the multi-level approach