Security Tooling Reference Architecture
Security tooling often feels like a jigsaw puzzle in which some pieces are missing entirely and others overlap, thus creating expensive redundancy.
With people and processes to take into consideration, information security is so much broader than just tooling. Yet there are times when you need to really examine a security tool’s capability and understand where it fits in the overall tapestry of existing solutions.
I tend to have an associative-style of memory, so it helps to think of “major” security modules like firewalls first, then associate secondary functionality (URL filtering, SSL VPN for example) to the core function. It’s a “planet with orbital moons” style of thought organization which isn’t always reflective of reality, but it does help in retaining the plethora of security acronyms that doesn’t seem to be getting simpler any time soon.
It’s also useful to have a “checklist” of sorts which is used to analyze the existence of security components within a particular enterprise. Thus I’ve created the Center Mast security tooling reference architecture below.