The development of each component architecture is based on our understanding
of why that function is needed for that particular network. While one may argue
that security is always necessary, we still need to ensure that the security mechanisms
we incorporate into the architecture are optimal for achieving the security
goals for that network. Therefore, toward developing a security architecture, we
should answer the following questions:
1. What are we trying to solve, add, or differentiate by adding security mechanisms
to this network?
2. Are security mechanisms suffi cient for this network?
While it is likely that some degree of security is necessary for any network, we
should have information from the threat analysis to help us decide how much
security is needed. As with the performance architecture, we want to avoid implementing
(security) mechanisms just because they are interesting or new.
When security mechanisms are indicated, it is best to start simple and work
toward a more complex security architecture when warranted. Simplicity may be
achieved in the security architecture by implementing security mechanisms only in
selected areas of the network (e.g., at the access or distribution [server] networks),
or by using only one or a few mechanisms, or by selecting only those mechanisms
that are easy to implement, operate, and maintain.
In developing the security architecture, you should determine what problems
your customer is trying to solve. This may be clearly stated in the problem defi nition,
developed as part of the threat analysis, or you may need to probe further to
answer this question. Some common areas that are addressed by the security architecture
include:
■ Which resources need to be protected
■ What problems (threats) are we protecting against
■ The likelihood of each problem (threat)
■ This information becomes part of your security and privacy plan for the network.
This plan should be reviewed and updated periodically to refl ect the
current state of security threats to the network. Some organizations review
their security plans yearly, others more frequently, depending on their requirements
for security.
Note that there may be groups within a network that have different security
needs. As a result, the security architecture may have different levels of security.
This equates to the security perimeters or zones introduced in the previous chapter.
How security zones are established is discussed later in this chapter.
Once you have determined which problems will be solved by each security
mechanism, you should then determine if these security mechanisms are suffi cient
for that network. Will they completely solve the customer’s problems, or are they
only a partial solution? If they are a partial solution, are there other mechanisms that
are available, or will be available within your project time frame? You may plan to
implement basic security mechanisms early in the project, and upgrade or add to
those mechanisms at various stages in the project.