Definition - What does Network Security Architectrue mean?
Network security architecture is a set of principles and guidelines that describe the security services that govern the network and all users and applications within it, essentially everything within and about the network. The architecture is designed to meet the needs of the users and the enterprise or business while managing the systems that implement these services and to set performance levels in dealing with security threats.
Techopedia explains Network Security Architectrue
Network security architecture is a governing model that dictates the kinds of security services that should be in place in order to protect the network from both external and internal malicious manipulation and attacks. This architecture is specifically created for the network and may vary between different implementations; however, a consistent trait of the architecture is that it should synergize with the overall security architecture being used by the enterprise. It should not create its own rules that may conflict with already established security services or force the current system to adapt to it.
Network security architecture ties in with the current trusted computing base (TCB) of the enterprise, which is composed of the hardware, firmware, software, operating systems and applications being used with security services. In short, the TCB is all of the elements in the system responsible for supporting the security policy. It is ideal to create the network security architecture together with the overall security architecture of the enterprise so that everything can work together and be updated together.
The basics of a network security architecture are as follows:
Access control list — Access rights of system components and users
Content filtering — Interception of potentially unwanted or malicious content
Validation mechanism — Validation of application data and users from a reference
Restriction — Prevention of unauthorized access
Resource isolation — Separation of resources from each other and enforcement of access controls