Skip to main content

Securing Network Architecture - Part 2 | Optiv

December 01, 2011

FirewallThe Methodology

The methodology of securing any network architecture should include, but not be limited to, the network topology, security assets, device features and security device configurations. Security technology policies for remote access, network segmentation, server protection, and authentication and firewall design should also be evaluated. In addition, the assessment should evaluate the overall security architecture for scalability, performance and manageability.

Based on the analysis, the report should provide a detailed set of recommendations with milestones on how to mitigate the identified security risks, including device mis-configurations and improvements to overall network topology. Recommendations should be direct and concise and not anecdotal. They should provide security migration plans with documentation to assist the organization in the growth and support plans of the infrastructure. In addition, the recommendations should measure the alignment of the assessed network with reference to proven industry network security best practices.

Some of the goals of the network assessment methodology should include the following:

  • Identify all technology assets pertinent to securing the network
  • Understand business drivers and objectives
  • Identify mandates, regulations and compliancy requirements
  • Establish that security assets meet business requirements
  • Attain an overall evaluation of the security controls on the network infrastructure
  • Provide a detailed assessment of the network design and architecture, including a review of redundancy, segmentation, access and management tools
  • Identify and document general strengths and weaknesses in the network security architecture
  • Identify specific steps to make improvements on the network architecture design and security
  • Review, optimize or recommend changes for the existing network device configuration, associated management platforms and operational management tools
  • Produce a gap analysis mapped to device security configurations, business requirements and best practices with recommendations for improvements within the network infrastructure

It should be reiterated that throughout the entire assessment, the business requirements should be the driving force behind all of the strategies and recommendations developed and presented in the final gap analysis report. The final assessment report documents should show the areas of the architecture that could be improved, while also providing a roadmap with the actionable tasks to achieve those goals.

Conclusion

Network Security Architecture assessment is an important step to proactively identify and mitigate the risks to an organization’s network architecture. It allows security managers to analyze a network and establish gaps and risks posed to that network. The analysis allows an organization to strengthen its network security infrastructure by providing multilayer network protection, avoiding unexpected costs and reducing compliance exposures. This service also identifies network vulnerabilities and recommends improvements to better align the security architecture with industry standards, industry best practices and an organization’s security policy.

Related Blogs

April 03, 2018

Escape and Evasion Egressing Restricted Networks – Part 2

Attackers and security assessors alike are utilizing a technique called domain fronting, which masks malicious command and control (C2) traffic. This ...

See Details

February 06, 2018

What Is SSL Web Inspection and Where Should It Occur? (Part 3)

In parts one and two of this blog series, I provided an overview of SSL web inspection, and dove deeper into how SSL inspection solutions work and met...

See Details

January 29, 2018

What Is SSL Web Inspection and Where Should It Occur? (Part 2)

Hardware will vary between vendors and even different models within a vendor’s catalog. Some models/vendors will offload complex CPU tasks (decryption...

See Details

How Can We Help?

Let us know what you need, and we will have an Optiv professional contact you shortly.


Privacy Policy

RELATED INSIGHTS

July 21, 2015

Network Security Solutions

Learn how we help protect your environment while maintaining connectivity.

See Details

December 01, 2011

Securing Network Architecture - Part 1 | Optiv

Today, securing a network cannot be fully accomplished with just a product or a solution. Rather, an in-depth holistic approach is required to protect...

See Details

April 02, 2010

Enterprise Management - Network Security Threats | Optiv

I visit lots of customer sites each year and see many security-related commonalities amongst them. At the top of this list, from a network security pe...

See Details

Stay in the Know

For all the latest cybersecurity and Optiv news, subscribe to our blog and connect with us on Social.

Subscribe

Join our Email List

We take your privacy seriously and promise never to share your email with anyone.

Stay Connected

Find cyber security Events in your area.