A security policy should be considered a living document, continuously updated as technology and organizational requirements change. As shown in Figure 10-6, a process consisting of the following four steps helps maintain the security policy:
■ Secure: A security solution is implemented to stop or prevent unauthorized access or activities and to protect information and assets. Securing the network might include implementing filtering and stateful inspection, identity authentication, encryption, virtual private networks (VPN), vulnerability patching, and other countermeasures to implement the security policy.
■ Monitor: Monitoring the security solution is required to detect violations of the security policy; monitoring might include system auditing, real-time intrusion detection and response, and content-based detection and response.
■ Test: The effectiveness of the security policy and the implemented security solution is validated by regular system auditing and assessment, and vulnerability scanning. Any applications installed and patches applied to software must be verified against the security policy.
■ Improve: The information gathered from monitoring and testing the security solution, including event and data analysis and reporting, is used to make improvements to the security implementation. The security policy might have to be adjusted as new security vulnerabilities and risks are identified, and as network security intelligence improves.
Figure 10-6 Network Security Is a Continuous Process
Security is becoming more and more an embedded part of the network. Security services such as firewalls, IPSs, Secure Sockets Layer (SSL), and IP security (IPsec) might now reside within the network infrastructure. SSL enables a secure path between a web browser and router resources. Recall from Chapter 5, "Designing Remote Connectivity," that IPsec is both a tunnel encapsulation protocol and a security protocol.
Integrating security within a network design is more manageable than adding security components after the network is implemented. Accordingly, it is now a recommended practice to integrate security when designing a network.
However, an integrated security and network design requires coordination not only between the network and security teams, but also with the rest of the IT organization—including, for example, the security policy and desktop operations teams.