28 CHAPTER 2 About Industrial Networks Security Perimeter" or "ESP" refers to the boundary between secure and nonse- cure enclaves. 22 The perimeter itself is nothing more than the logical "dotted line" around an enclave that separates the closed group of assets within its boundaries from the rest of the network. "Perimeter defenses" are the security defenses estab- lished to police the entry into the enclave, and typically consist of a firewall and/or an Intrusion Prevention System (IPS). A Note on Perimeterless Security There is much debate about the ESP within the context of NERC and much dis- cussion about a shift toward "perimeterless" security. In a perimeterless approach, there is no strict demarcation where all of our security products are concentrated. The goal is to move away from the "hard outer shell" with "soft gooey center" security practices that NERC's mandate of an ESP unintentionally promotes. Although future changes to NERC CIP may alter the terminology around establish- ing perimeter defenses, it will remain important to establish and enforce bounda- ries. This will be discussed further in Chapter 7, "Establishing Secure Enclaves."