Whitepaper 02-01: Cost-Efficient Network Security Architecture
In this white paper, we look at a notional (but typical) small business. This notional organization faces unique challenges as a small company competing in a difficult business environment. As an information systems services provider, its network must provide a high degree of confidentiality, integrity, and availability (the CIA Triad)[i] â€“ the loss of any of these elements translates to a loss of its customers’ trust. At the same time, it must be economical; overhead personnel must be funded from existing revenues.
Our notional network infrastructure must satisfy these conflicting goals to provide the best cost-benefit. Specifically, we look at the following:
- Background â€“ The constraints under which our notional network must function.
- Existing Landscape â€“ The business drivers for our notional network’s configuration, the logical architecture we use to address these drivers, and our notional physical implementation.
- Defensive Posture â€“ How we protect our notional network from external and internal attacks.
- Recommendations â€“ Suggestions and alternatives for applying new resources to our notional network.
Gartner identifies both virtualization and activity monitoring as top strategic IT technologies for 2010.[ii] In our notional infrastructure, we address both of these technologies, but temper our adoption based on reliability as the single most important consideration for us, closely followed by affordability. We analyze existing shortcomings and suggest new solutions with these constraints in mind.
[i]Â Â Â Â Charles P. Pfleeger and Shari Lawrence Pfleeger, Security in Computing, 3rd Â ed. (Upper Saddle River, NJ: Prentice Hall, 2003), pg. 10. Dr. Pfleeger is widely credited with the first mention of the term CIA Triad in his first edition of this book (same publisher, dated 1989).