Network Security Architecture
In practice, deployment of the security products does not always improve the safety of IT system resources. Due to design or configuration errors, the safeguards may not perform their tasks properly, causing an elusive sense of security. Designing an appropriate network security architecture is a complex task, mainly because network is differently protected. Often integrated with one another, such as access control, intrusion prevention, encryption, user authentication, content inspection, etc. The network protections operations depend on the IT system environment. The safeguards do not create an autonomous system but rather a protection layer complementing and ensuring operating system, application, and database security.
An appropriate network security architecture design provides numerous advantages:
Isolation of low-trust network areas, which can be potentially used to launch attacks against strategic IT system resources
Limitation of the security breach scope to one system or network segment as well as limiting the incident spreading to other systems
Accurate network access control to IT system resourc-es as well as monitoring and auditing resource usage and management
Quick identification of IT systems security incidents based on the events detected in the network areas, where these events should not occur