Building a Secure Architecture with Cisco SAFE
The biggest challenge in securing companies today is complexity: too many attacks, but also too many defenses, and both keep growing. It is maddening. But there is a new security reference that simplifies this Herculean task. Cisco SAFE uses a model and a method to guide you.
SAFE uses a model to organize the network into logical areas called places in the network (PINs). Each PIN has common business use cases that require common security capabilities.
By understanding how your business flows throughout each of the PINs, you are able to tie them to security requirements. SAFE eases this challenge by providing:
- New icons that represent the three phases of the SAFE model: Capability, Architecture and Design.
- A method that customizes the model to your environment using your policies, threats and risk concerns.
How Does The SAFE Model and Method Work Together?
Let’s take one of the locations, the branch, as an example to show you how SAFE uses a model, a method and icons to secure the business. The branch can be configured to support any industry, and we will use retail in this example. How are the retail business and network security related?
- What if the store’s wireless network is attacked and services to employees and customers are cut off?
- What if an attack steals from the credit card machines?
- What if the store falls out of compliance, and is subjected to hefty fines?
- What if customers’ identities are stolen?
These are just some of the critical questions for both the business and technical sides of the house. The Francisco’s Supermarket chain wants to ensure that they are secure and able to support the business within their 800 stores across the US.
The SAFE Method for Francisco’s Retail Store
Step 1. Identify Francisco’s goals
Francisco’s wants to secure their store branch locations.
Step 2. Break Francisco’s network into manageable pieces
Francisco’s stores have three business use cases that the network must secure.
- Store Associates – Take credit card payments on the network.
- Store Manager – Needs wireless access for his tablet to connect to central corporate for daily pricing specials.
- Third-Party Vendor Access – Heating and air conditioning is provided to the stores by a contractor, a third party that monitors Francisco’s equipment over the store network.
Step 3. Develop criteria for success of the business
Francisco’s has ranked their store business processes in this order:
- Credit card machines = Priority 1
- Wireless access to central corporate services = Priority 3
- Vendor access for HVAC company = Priority 2
Step 4. Categorize the risks, threats, and policies
Francisco’s makes a list of all of the business needs at a location along with policies, risks, and threats that could be present in each of their store branches.
What are the policies? Francisco’s Chief Security Officer has three primary policies:
- Zero trust – Everyone must be identified on the network
- Restrict access to credit card zones – Must be PCI compliant
- All systems patched up to date within one month of release – Ensure devices remain secure from vulnerabilities
What are the risks and threats? Francisco’s identifies five major risks and threats.
- Business outage due to a security incident
- Lack of segmentation allows for easy exploit spread
- Loss of customer information and credit card data
- Custom application exploits and vulnerabilities
- Vendor access could cause compromise
By combining the policy, risk, and threat concerns with the business objectives, you can design with a holistic picture of what is important. The next step is to create the solution and depict it using the SAFE icons so that it is easy for the customer to understand.
Step 5. Build the security solution
Knowing the business requirements, policies, risks, and threats, create your solution using the three phases of the SAFE Method.
In the capability phase, start with Francisco’s first priority: credit card transactions must remain secure and available. Based on the policy, risks, and threats, what security capabilities are needed for this business flow?
In the architecture phase, logically arrange the capabilities for the credit card transaction into a business flow architecture. This simply means that you will place the security capabilities where they would logically be used to secure that flow.
Then, do the same exercise with the “Manager use case” and the “third party (vendor access) use case.” Ensure that they flow through the capabilities needed to secure them.
Knowing the business architecture, you can now create a design that matches the business requirements. The output will be a direct mapping of the business concerns to the security within the network.
These designs will specify particular device models, with the required interfaces and software images. By adding pricing, the business justification can be mapped directly to the technology and to the priority captured in the third step.
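The five steps above produce a design in which each business flow passes through a set of security capabilities, and the three policies from Step 4 are the criteria that design has to satisfy. The following added example (not code from the page or from Cisco SAFE) turns that check into a small policy-as-code script: it models the three Francisco’s flows with their Step 3 priorities, the capabilities assumed to be placed on each flow, and the devices on the flow, and then verifies the zero trust, PCI segmentation and patch-age policies. The capability names, the segment names and the sample devices and patch ages are constructed assumptions, not values from the page.

```python
from dataclasses import dataclass
from typing import Dict, List, Set

MAX_PATCH_AGE_DAYS = 30  # policy 3 on the page: patched within one month of release


@dataclass
class Device:
    name: str
    days_since_patch: int  # constructed sample value: days since the latest patch was released


@dataclass
class Flow:
    name: str
    priority: int                  # ranking from Step 3
    handles_cardholder_data: bool  # drives the PCI segmentation policy
    segment: str                   # network zone the flow lives in (assumed name)
    capabilities: Set[str]         # security capabilities placed on the flow (assumed names)
    devices: List[Device]


def check_zero_trust(flow: Flow) -> List[str]:
    """Policy 1: everyone must be identified on the network."""
    if "identity" not in flow.capabilities:
        return [f"{flow.name}: no identity capability on the flow (zero trust policy)"]
    return []


def check_pci_segmentation(flow: Flow, all_flows: List[Flow]) -> List[str]:
    """Policy 2: restrict access to credit card zones."""
    findings: List[str] = []
    if not flow.handles_cardholder_data:
        return findings
    if "segmentation" not in flow.capabilities:
        findings.append(f"{flow.name}: cardholder flow lacks a segmentation capability")
    # A cardholder flow must not share its zone with any non-cardholder flow.
    for other in all_flows:
        if other is not flow and not other.handles_cardholder_data and other.segment == flow.segment:
            findings.append(f"{flow.name}: shares segment '{flow.segment}' with non-PCI flow '{other.name}'")
    return findings


def check_patch_policy(flow: Flow, max_age: int = MAX_PATCH_AGE_DAYS) -> List[str]:
    """Policy 3: all systems patched within one month of release."""
    return [f"{flow.name}: device '{d.name}' is {d.days_since_patch} days behind on patches"
            for d in flow.devices if d.days_since_patch > max_age]


def evaluate(flows: List[Flow]) -> Dict[str, List[str]]:
    """Run every policy over every flow; the report is ordered by business priority."""
    report: Dict[str, List[str]] = {}
    for flow in sorted(flows, key=lambda f: f.priority):
        report[flow.name] = (check_zero_trust(flow)
                             + check_pci_segmentation(flow, flows)
                             + check_patch_policy(flow))
    return report


# Constructed sample design for the three Francisco's flows described on the page.
SAMPLE_FLOWS = [
    Flow("Store Associates", 1, True, "pci-zone",
         {"identity", "segmentation", "firewall"},
         [Device("pos-terminal-01", 12)]),
    Flow("Store Manager", 3, False, "corp-wifi",
         {"identity", "wireless-security"},
         [Device("manager-tablet", 5)]),
    Flow("Third-Party Vendor Access", 2, False, "store-lan",
         {"remote-access-vpn"},               # no identity capability placed on this flow
         [Device("hvac-controller", 45)]),    # 45 days behind on patches
]

if __name__ == "__main__":
    for name, findings in evaluate(SAMPLE_FLOWS).items():
        print(name, "->", findings or "OK")
```

Run as written, the credit card and manager flows pass, while the vendor access flow reports two findings (no identity capability, and the HVAC controller outside the 30-day patch window), which is exactly the "vendor access could cause compromise" risk from Step 4 surfacing against the Step 4 policies. Ordering the report by the Step 3 priority keeps the remediation discussion tied to what the business ranked as most important.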
SAFE provides a model for reference, a method to customize it, and icons to document with. Security isn’t simple, but you can use SAFE to help simplify it.
Visit cisco.com/go/SAFE to learn more.