The biggest challenge in securing companies today is complexity. Too many attacks, but also, too many defenses. And, they keep growing. Maddening. But, there is a new security reference that simplifies this Herculean task. Cisco SAFE uses a model and a method to guide you. Show
SAFE uses a model to organize the network into logical areas called places in the network (PINs). Each PIN has common business use cases that require common security capabilities. Cisco SAFE Places in the NetworkBy understanding how your business flows through out each of the PINs, you are able to tie them to security requirements. SAFE eases this challenge by providing:
How Does The SAFE Model and Method Work Together?Let’s take an example for one of the locations; the branch, to show you how SAFE uses a model, a method and icons to secure the business. The branch can be configured to support any industry and we will use retail in this example. How is the retail business and network security related?
These are just some of the critical questions for both the business and technical sides of the house. The Francisco’s Supermarket chain wants to ensure that they are secure and able to support the business within their 800 stores across the US. The SAFE Method for Francisco’s Retail StoreStep 1. Identify Francisco’s goalsFrancisco’s wants to secure their store branch locations. Step 2. Break Francisco’s network into manageable piecesFrancisco’s stores have three business use cases that the network must secure.
Step 3. Develop criteria for success of the businessFrancisco’s has ranked their store business processes in this order:
Step 4. Categorize the risks, threats, and policiesFrancisco’s makes a list of all of the business needs at a location along with policies, risks, and threats that could be present in each of their store branches. What are the policies? Francisco’s Chief Security Officer has three primary policies:
What are the risks and threats? Francisco’s identifies five major risks and threats.
By combining the policy, risk, and threat concerns with the business objectives, you can design with a holistic picture of what is important. The next step is to create the solution and depict it using the SAFE icons so that it is easy for the customer to understand. Step 5. Build the security solutionKnowing the business requirements, policies, risks, and threats, create your solution using the three phases of the SAFE Method. Capability Phase
Based on the policy, risks, and threats, what security capabilities are needed for this business flow? SAFE Capability Diagram: Credit Card Clerk required security capabilitiesArchitecture Phase In the architecture phase, logically arrange the capabilities for the credit card transaction into a business flow architecture. This simply means that you will place the security capabilities where they would logically be used to secure that flow. SAFE Architecture Diagram: Credit Card business architecture using required security capabilities.Then, do the same exercise with the “Manager use case” and the “third party (vendor access) use case.” Ensure that they flow through the capabilities needed to secure them. Design Phase Knowing the business architecture, you can now create a design that matches the business requirements. The output will be a direct mapping of the business concerns to the security within the network. SAFE Design Diagram: Francisco’s store DesignThese designs will have specific models with the required interfaces and software images. By providing pricing, business justification can be directly mapped to the technology and priority that was captured in the third step. SAFE provides a model for reference, a method to customize it, and icons to document with. Security isn’t simple, but you can use SAFE to help simplify it. Visit cisco.com/go/SAFE to learn more. Share: |