IT Security Coming of Age

Chris Hare

Many articles have been written about the latest and greatest tools for securing your machines and network from unwanted attack. Firewalls, security analysis tools, intrusion monitoring, and other topics have inundated the press for the past few years. Yet, the topic that is rarely discussed, and in which system administrators play a role is security architecture.

Yes, information security is only one component, but a well-rounded and well thought out architecture, even if focused only on information security plays a vital part in the protection of your corporate information.

This article suggests a sample model for the design of a security infrastructure, and is founded on published documentation and my experience as a systems administrator and information security specialist. For additional background on why a planned architecture is essential, who should focus on it, and the various industry forces pointing us in that direction, please see the companion article on the Sys Admin Web site at: http://www.samag.com.

A Security Infrastructure Model

For most organizations, the information technology model has changed dramatically during the past seven years. Many larger organizations have had to wrestle with the task of moving from a mainframe computing model to a workstation model. This generated a whole new set of problems and issues that had not been considered in a mainframe computing model. Figure 1 illustrates an example of a functional security model. We see that it essentially provides us with a framework with which to build our architecture.

This architecture addresses the concerns and requirements that have previously been mentioned in this article.