End-to-end security tends to be very abstract and difficult for humans to visualize. The challenges of designing, building and maintaining networks with security across every business case and each part of your network is no simple task. It requires that you know why you are building the network from a business perspective, and then, how security controls will affect it.

Today’s Problem

This diagram represents the challenge that we have in the industry. This is my own drawing that I used to represent a large store for the “PCI Design Guide.” I needed to represent a store architecture and depict how it was secure and compliant for credit cards. Although technically accurate, it is very hard to read. Where is the credit card flowing through out this store architecture? How do you know if a switch is being used as a firewall or if a firewall is being only used for intrusion detection? You can’t because the icons of today were not designed with security capabilities in mind.


The ease of children’s building blocks

SAFE uses a visual language; icons and graphics to simplify the complexity of security. There is a high, medium and low level view that can be used depending on the needs of the audience. When discussing the high level needs of the business, security is depicted in simple controls for the business use case. At a medium view, these simple controls are organized logically. At the lowest level, specific designs complete with Bills of Materials and configurations are used.

CAPABILITIES- High Level- Conceptual

SAFE uses the idea of “capabilities” to abstract the controls used in security. For example, if you wanted to purchase a firewall from Cisco, you might consider the Firepower NGFW, the ASA, the firewall IOS, a virtual ASA, or the Meraki product line. While the form factor might be different, at the end of the day, you are still buying a product that has the capability to Firewall. That concept or capability of a firewall is depicted using a descriptive icon that is reused across all three levels so that you see how they map directly.


Cisco uses blue circles for each capability. We have developed a palette of security capabilities representing the spectrum of controls that you will need for the networks of today and the future. This is important because you can now resolve a classic security problem with notation.

What if the firewall product that you bought is not really being used for Firewalling at all? Perhaps you are using an ASA for the sole purpose for Intrusion Detection. Or, perhaps you purchased a Cat6k switch with the firewall module. That is a switch using a firewall capability and a firewall performing IDS? This is confusing so we developed the next level down to resolve it; Architectures.

ARCHITECTURES- Medium Level- Logical

Cisco uses green squares to represent the Architecture level. Building on the concepts presented at the capability layer, the architecture icons depict the problem use case that we presented above with ease:

Here we have a Firewall that is being used for Intrusion detection.


Here we have a switch that is being used as a Firewall.


Any of the blue security capabilities can now be paired with any green architecture symbol used in network and security architecture. By using this notation, you can depict any business use case throughout your company in a logical manner that ensures you have the appropriate level of security controls.

DESIGN- Low Level- Specific

Finally, the lowest layer of the SAFE model is the Design layer. This is where specific products are selected that follow the method from a conceptual capability, to a logical architecture to a specific design. SAFE uses purple hexagons to represent exact product choices, configurations and wiring diagrams.


SAFE helps simplify security by providing a model that is used as a reference and a method that tailors this model to your specific environment. Finally, it uses a visual language to simplify the business flows.

Compare this diagram with the one above. Can you see the clerk’s credit card transaction now?

Do you see the firewall (and all the security capabilities) located in the blue circles?

Much easier to understand.


Next in this series of SAFE discussions I will show how you use SAFE and these icons to document a Retail Store; Francisco’s Supermarket.

For More information on how SAFE simplifies security, go to www.cisco.com/go/safe.


Christian Janoff

Enterprise Architect, Compliance

Security Technology Group