SAFE emulates as closely as possible the functional requirements of today's enterprise networks. Implementation decisions vary depending on the network functionality required. However, the following design objectives, listed in order of priority, help guide the decision-making process:
Security and attack mitigation based on policy
Security implementation throughout the infrastructure (not just on specialized security devices)
Secure management and reporting
Authentication and authorization of users and administrators to critical network resources
Intrusion detection for critical resources and subnets
Support for emerging networked applications
The main goal of the architecture is to prevent attacks from successfully affecting valuable network resources. The attacks that succeed in penetrating the first line of defense or that originate from inside the network must be accurately detected and quickly contained to minimize their effect on the rest of the network. However, while being secure, the network must continue to provide critical services that users expect. Proper network security and good network functionality can be provided at the same time. The SAFE architecture is not a revolutionary way of designing networks but merely a blueprint for making networks secure.
SAFE is also resilient and scalable. Resilience in networks includes physical redundancy to protect against a device failure, whether through configuration faults, physical failure, or network attack. Simpler designs that involve less redundancy are possible.
At many points in the network design process, you need to choose between using integrated functionality in a network device and using a specialized functional appliance. The integrated functionality is often attractive because you can implement it on existing equipment or because the features can interoperate with the rest of the devices on the network to provide a better functional solution. Appliances are often used when the depth of functionality required is very advanced or when performance needs require using specialized hardware. Make your decisions based on the capacity and functionality of the appliance versus the integration advantage of the device. Most critical security functions migrate to dedicated appliances because of the performance requirements of large enterprise networks.
Although most enterprise networks evolve with the growing IT requirements of the enterprise, the SAFE architecture uses a start-from-scratch modular approach. A modular approach has two main advantages. First, it allows the architecture to address the security relationship between the various functional blocks of the network. Second, it permits designers to evaluate and implement security on a module-by-module basis instead of attempting to implement the complete architecture in a single phase. The first levels of modules are functional areas. Figure A-1 illustrates the SAFE functional areas.
Table A-2 shows the second layer of SAFE components, which are also defined functionally. Each of the three functional areas has its own components or modules. The table lists these modules with the associated SAFE functional area.
Functional Areas | Included Modules |
|---|---|
Enterprise campus | Management Server Building Building distribution Core Edge distribution |
Enterprise edge | E-commerce Corporate Internet VPN and remote access WAN |
Service provider edge | ISP A ISP B Public Switched Telephone Network (PSTN) Frame/ATM |
Not all actual enterprise networks have specific devices, blades, cards, or ports clearly assigned to all the modules mentioned. It is still useful to the designer to identify where all the functions occur and the interactions between the functions. Changes in function that mark the component boundaries offer natural opportunities for specialization and hierarchy as a network grows. Figure A-2 is an illustration of the different modules within each functional area.
The definition of areas or modules, each with a specific function, helps to layer the protection because different security measures are in place at different points in the network. This layering makes the security solution more resilient and scalable. The modules, once built, become templates for the modifications to the network required by the addition of users and applications. Modularization also reduces security issues caused by growth because the security capabilities are considered in the module implementation.
![[View full size image]](/image/library/english/13756_ap01fig02_alt.jpg;380136){kind=link}