Security Architecture
Security architecture (SAFE)

SAFE is a security blueprint for networks, which is based on Cisco Architecture for Voice, Video, and Integrated Data (AVVID). SAFE enables businesses to securely and successfully take advantage of e-business economies and compete in the Internet economy. SAFE provides a secure migration path for companies to implement and converge voice, video, and data networks. SAFE layers are incorporated throughout the Cisco AVVID infrastructure:

  • Infrastructure layer – Intelligent, scalable security services in Cisco platforms, such as routers, switches, firewalls, intrusion detection systems, and other devices.
  • Appliances layer – Incorporation of key security functionality in mobile hand-held devices and remote PC clients
  • Service control layer – Critical security protocols and APIs that enable security solutions to work together cohesively.
  • Applications layer – Host- and application-based security elements that ensure the integrity of critical e-business applications.

To facilitate rapidly deployable, consistent security throughout the network, SAFE consists of modules that address the distinct requirements of each network area . By adopting a SAFE blueprint, security managers do not need to redesign the entire security architecture each time a new service is added to the network. With modular templates, it is easier and more cost-effective to secure each new service, as it is needed, and to integrate it with the overall security architecture.

One of the unique characteristics of the SAFE blueprint is that it is the first industry blueprint that recommends exactly which security solutions should be included in each section of the network, and why they should be deployed. Each module in the SAFE blueprint is designed specifically to provide maximum performance for e-business, while at the same time enabling businesses to maintain security and integrity.

The SAFE white papers provide overviews of the extended SAFE Blueprint, followed by detailed descriptions of the specific modules that comprise the actual network designs.

  • SAFE: A Security Blueprint for Enterprise Networks
  • SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
  • SAFE: VPN IPSec Virtual Private Networks in Depth
  • SAFE: Wireless LAN Security in Depth - version 2
  • SAFE: IP Telephony Security in Depth
  • SAFE: IDS Deployment, Tuning, and Logging in Depth
  • SAFE: Worm Mitigation

Resources

Resource: SAFE Poster

Web Links