Название: Security Architecture – How & Why Автор: Tom Madsen Издательство: River Publishers Год: 2022 Страниц: 234 Язык: английский Формат: pdf (true) Размер: 69.1 MB
Security Architecture, or Enterprise Information security architecture, has been applied to many things and different areas, making a concrete definition of Security architecture a difficult proposition. But having an architecture for the cyber security needs of an organization is important for many reasons, not least because having an architecture makes working with cyber security a much easier job, since we can now build on a, hopefully, solid foundation. Developing a security architecture is a daunting job, for almost anyone, and in a company that has not had a cyber security program implemented before, the job becomes even harder. The benefits of having a concrete cyber security architecture in place cannot be overstated! The challenge here is that a security architecture is not something that can stand alone, it absolutely must be aligned with the business in which is being implemented.
This book emphasizes the importance, and the benefits, of having a security architecture in place. The book will be aligned with most of the sub frameworks in the general framework called SABSA, or Sherwood Applied Business Security Architecture. SABSA is comprised of several individual frameworks and there are several certifications that you can take in SABSA. Aside from getting a validation of your skills, SABSA as a framework focusses on aligning the Security Architecture with the business and its strategy. Each of the chapters in this book will be aligned with one or more of the components in SABSA, the components will be described along with the introduction to each of the chapters.
A firewall is a security gateway that sits on the boundary between two network domains, or even between several subnets, enforcing the security policy of one of those domains and regulating the flow and types of network traffic into and out of that domain. Firewalls are aimed at preventing unauthorized traffic flows and detecting unauthorized attempts to penetrate the security boundary created around the protected domain. When it comes to securing data networking environments, especially those in which an internal corporate network is to be connected to an external hostile network such as the Internet, most organizations will choose to use a firewall.