Security Architecture Review

Secure security architecture is fundamental to Information Security. Your network infrastructure would have evolved over many years. As the network grows and security technologies evolve, security architectures should be reviewed and updated periodically to ensure it continues to meet the critical business and compliance requirements. Security Architecture review often goes hand in hand with Technical Security Assessment, Information Security Policy Development and Host Hardening Services. It specifies the set of controls and configurations required to meet the security policies and the security assurance level.

The Security Architecture Review will comprehensively review the applications, network, servers and services within an organization's environment and identify methods to enhance and improve on the system infrastructure and support. This includes both future and existing infrastructure. The network security architecture specifies the network topology and where the security controls are to be applied. These controls may include firewalls, network segmentation, IDS/IDP, etc.

SATTRIX security professionals can perform a Security Architecture Review that will examine all layers of your network architecture — including the network design, external connections, hosts, servers, business logic, staging areas, procedures, and quality assurance (QA) — to determine what security vulnerabilities exist. At the end of the review, we provide a report that documents all the findings, along with recommendations for improvement. A proper architecture and design of security services will enable you to meet your business risk exposure targets and satisfy compliance requirements.

Our service methodology includes the following steps:

  • Review of any latest security reports
  • Analysis of current IT network, information flow according to business requirements and points of access to information
  • Analysis of current security controls and procedures for various security management areas
  • Analysis existing network security architecture, including topology/ configuration, and security components/features
  • Provide gap analysis or prioritized recommendations on network architecture and placement of security controls. The in-depth principles used to ensure security controls are applied for information transport, and access to networks, hosts, applications and data. The outcome will be a recommendation that has the proper combination of the security services at each level to deliver a cohesive security posture that reflects the enterprise’s risk management objectives. The security controls and procedures of various security management areas will be addressed, such as Threat Management, Vulnerability Management, Identity Management and Change Management
  • Provide assessment of the existing security controls and prioritized recommendations on improvements and/or additional controls to meet specified security policies
  • Provide assessment and prioritized recommendations on security procedures
  • Provide an evaluation of the security architecture for performance, scalability, reliability and manageability