Cisco developed a process they call the Security Posture
Assessment (SPA) to describe a company’s network security efforts as a living,
evolving entity. The SPA is represented graphically in Figure 1-5. As the graphic
shows, developing a network security program is an iterative process that must
be continually managed to reduce the risk of loss, while efficiently using
company resources.

STUDY TIP: You should assume this graphic and the process it represents
can be part of all four security exams. As you learn about a new technology,
make sure you know where that technology fits in the Security Wheel. For
example, intrusion detection systems (IDS) would be a part of the monitoring
process.

Even if a company had the capital resources and attempted to
develop the “perfect” network security solution, it would still be only the
beginning of an ongoing process. Like a perfect wave for a surfer or a perfect
breeze for a sailor, the perfect security system is at best a moment in time, if
not an illusion. The factors that led the company to put in the security system
have been busily evolving and changing at the same time. The nearly constant
changes occurring in technologies used in the network, types and sources of
threats, even changes in data flows within the organization continually
introduce new risks that must be anticipated and mitigated. The wheel identifies
the four stages of developing a secure system.
- Secure: After carefully studying the
security policy, it’s time to secure the network by implementing the processes
and technologies required to protect the organization’s data and intellectual
resources. These could include technologies like VPNs for telecommuters and
branch locations, or the addition of firewall devices in the network.
- Monitor: The security processes and
technologies need to be monitored to make sure they provide the security
expected. This could involve a variety of activities, ranging from scanning log
files to using network management software to detect intrusions, failed
attempts, and internal misuse of resources.
- Test: The test stage can include testing
new processes to make sure they meet expectations, testing established processes
to see if internal or external changes might have made them less than secure,
and periodic audits to see that all processes and policies are being implemented
as designed and whether security problems are being dealt with properly.
- Improve: The improve stage involves
developing new plans to adjust the security program for changes in both the
internal and the external environment. From implementing “staged” improvements
that were built into the original plan to reacting to the latest security threat
that could be stalking the network, improvements in both technology and
processes are a must.

At the center of the wheel is the network security policy,
sometimes referred to as the corporate or enterprise network security policy. This component, if
properly implemented, is the blueprint for the four evolutionary processes of
the wheel to follow. The next section looks at the security policy in greater
detail.