Network Security Architecture & fine tuning
An appropriate design of the network security architecture

Network Security Architecture

SECURITY QUESTIONS

Design principles

In practice, deployment of the security products does not always improve the safety of IT system resources. Due to design or configuration errors, the safeguards may not perform their tasks properly, causing an elusive sense of security. Designing an appropriate network security architecture is a complex task, mainly because network is differently protected. Often integrated with one another, such as access control, intrusion prevention, encryption, user authentication, content inspection, etc. The network protections operations depend on the IT system environment. The safeguards do not create an autonomous system but rather a protection layer complementing and ensuring operating system, application, and database security.

An appropriate network security architecture design provides numerous advantages:

low-trust network

Isolation of low-trust network areas, which can be potentially used to launch attacks against strategic IT system resources

the security breaches

Limitation of the security breach scope to one system or network segment as well as limiting the incident spreading to other systems

access control

Accurate network access control to IT system resourc-es as well as monitoring and auditing resource usage and management

Quick identification

Quick identification of IT systems security incidents based on the events detected in the network areas, where these events should not occur