Network Security Architecture Review

The architecture of a network is governed by the organizational Policy and is built upon the requirements that help support business operations. As such, the security of the network architecture ensures the continuous and reliable performance of the organizational operations. Furthermore an effective solution must provide the means of monitoring, correlation and detection of security-relevant network behaviors in real time and acting upon external or internal threats that may impact the organizational assets including applications, services, data and network elements. During a typical review the following areas may be examined (but are not limited to):

• Security Policy Review- identifies the organizational objectives that need to be supported by the network architecture and underlying computing infrastructure.
• Disaster Recovery - focuses on various aspects such as the requirements, design, configuration and procedures that provide resiliency and business continuity in case of a disaster.
• Asset and Information Classification - this exercise reviews the policies, procedures and classification scheme that are used to classify assets, including components and data, in order to evaluate their significance and identify associated risk.
• Network Topology - this area focuses on the review of the architecture’s network topology and placement of network elements in relation to their operation (i.e. security, management, traffic routing/shaping
• Management - this area examines the management and administration controls that are used to support daily operations such as, but not limited to, remote access, authentication, session confidentiality, non-repudiation and logging.
• Network Controls Router: this area focuses on the network controls that are used to manage inbound and outbound network traffic (i.e. ACL’s)
• Firewalls: this area focuses on the security policy that is used to manage inbound and outbound network and application traffic.(i.e. ACL’s)
• Intrusion Detection (network and host based) and Response: this area examines event logging from network elements in the target networks such as routers, web servers and database severs.network and application traffic.(i.e. ACL’s)
• VPN and Remote Access: review of the security controls associated with Secure VPN’s and remote access for organizational employees and affiliate users (i.e. vendors, business partners, customers)
• Network element security: this area focuses on reviewing the security controls that are configured on the target components (i.e. routers, web servers, firewalls, DNS servers)
  

Our approach requires close interaction with the corresponding client personnel that support the categories, above, to enable a thorough and detailed analysis.

Experience

In addition to architecture reviews, our team members have worked with government and commercial organizations in the areas of security requirements definition and development, product analysis and evaluation which are vital components for developing an effective network security architecture. Some of the past customers include telecommunication carriers and financial institutions.