Do you have an, obviously very solid maybe you’d even say foolproof, perimeter and trust everything on the inside? Then you’re an egg. Once the attacker cracks the hard shell everything is up for grabs?
Or do you have a, maybe not quite so foolproof, perimeter on the outside but inside of that you also have checks and verifications in layers upon layers? Then you’re an onion. If the attacker cracks the first layer there’s several more before the attacker can reach your golden eggs at the center?
Egg: A solid perimeter and place the attacker on the outside to check which routes you should focus on securing first.
Onion: If you’ve got your layers you can place the attacker at various points, in each instance checking how far they can get after each layer of security has been broken through, and estimates on how fast.
For the Egg type of architecture, compromising the Payment validator service takes 8 days if the external firewall would contain firewall rules that the attacker can make use of. If it doesn’t, then the Egg architecture is completely safe. (You can elaborate with this by altering the KnownRuleSet defense setting of the Firewall object.)
If the same situation should happen to the Onion type of architecture, compromising the Payment validator service takes 355 days.
Furthermore, the Egg type of architecture is only resistant towards external attacks. If we look at other attack scenarios, only the Onion architecture will make the life of the attacker hard while the Egg type of architecture will be more or less a walk in the park.
You can move the Attacker from the Internet network zone to the Internal network zone to see the effect of for instance a phishing attack.
Feel free to download securiCAD Community Edition and play around with defenses, objects and attacks. See what works for you and your architecture.