Building Your Own Security Architecture Chapter 08: Security Solutions
This chapter introduces how to find a suitable degree and design simple solutions and related content modules.
Clear Requirements
Expected scope (target expectation of original requirements)
Describe the original requirements of the scheme in detail and give the target expectations. Measure your resources, whether to reduce unnecessary requirements or delay low priority requirements, and ensure that they can be implemented under the current resource conditions. For example, the requirements can be implemented in stages to implement urgent and important requirements in one phase.
Applicable Scenario
Scope of requirements (infrastructure, applications, data, etc.)
According to the original requirements and the current actual situation, determine which applicable scenarios are available. For example, business secret transformation (load balancing, API gateway, web server, application service, cryptography library, etc.); IPv6 transformation (line, route, security protection, DNS server, application service, etc.); Code scanning (release system, source code control system, etc.); Flow monitoring (multi terminal, inlet and outlet flow, etc.);
Demand Dependence
Scope of risks and resources (budget, manpower, technology, project management, etc.)
What resources are needed (budget, procurement, cycle, key personnel, key technology, etc.) and what known risks are there (insufficient resources, legacy systems, deadline for rectification, etc.). Measure the known risks and resources to achieve the demand objectives, and judge whether they can be solved or what further support needs to be sought.
Best Practices
Collection of reference answers (requirements, scenarios, resources, risks, etc.)
conceptual design
It includes technical architecture, process, operation, etc., which is the concrete embodiment from logical architecture to context architecture. Realize the technical scheme through the combination of infrastructure, and provide reference cases for daily operation, maintenance, special cases and other disposal.
acceptance specification
Through certain test cases to judge whether it meets the target expectations and whether it can maintain the SLA. With SOP, sign off can be carried out after meeting the acceptance specifications.
reference architecture
Provide corresponding descriptions of industry standards and industry best practices for reference.
Project management
Clear scope and reduce pending processes
The process from defining requirements to specific applicable scenarios, and from combing dependencies to outputting best practices are inseparable from project management. From seeking support to task assignment. Even if there is a professional project manager in the whole process, as a security architect, he should be able to complete cross team communication and determine the key stakeholders and interfaces through meetings, emails, Im, etc. In short, it is important to require an output for each input and reduce the pending items in the output.
ALL CHAPTERS:
- Building Your Own Security Architecture Chapter 01: Basic Viewpoint
- Building Your Own Security Architecture Chapter 02: Know your business
- Building Your Own Security Architecture Chapter 03: Know your organization
- Building Your Own Security Architecture Chapter 04: Yin and Yang
- Building Your Own Security Architecture Chapter 05: Know Your Architecture
- Building Your Own Security Architecture Chapter 06: Enterprise Security Architecture Basics
- Building Your Own Security Architecture Chapter 07: Security Architecture Basics
- Building Your Own Security Architecture Chapter 08: Security Solutions
- Building Your Own Security Architecture Chapter 09: Continuous Delivery
- Building Your Own Security Architecture Chapter 10: Become A Security Architect
This translation was based on 《安全架构要参:构建企业适用的安全架构》,and if you can read Chinese, please visit https://securityarchitecture.pro/
