Basically, it is how one designs systems and networks to be secure. It is a part of
the design phase so that security is an inherent part of the application rather than
added on after the main design decisions are made
In a network, the Information Security architecture" would describe how the network is
partitioned so that the various segments would allow controlled access to information
systems. For example, the segment holding the financial systems would be in a separate
LAN segment with at least a filtering router with Access Control Lists or IPSEC
authenticating all packets that cross into this segment.
The same applies to partitioning the processes on the server itself so that users of
a system are covered by "Mandatory Access Controls" (MAC) that authenticate and create
an audit trail of every access to secure data.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Hossein Pourreza
Sent: Sunday, March 25, 2001 22:38
To: [EMAIL PROTECTED]
Subject: Security Architecture
Hi to All,
I have some experience in firewall developing and network security and I
should prepare a report about "Information Security Architecture" but I do
not know what does it mean.
Do somebody help me about this topic?
Any help will be appreciated.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
