Security Tooling Reference Architecture

May 31, 2017 By David Torre Blog

Security tooling often feels like a jigsaw puzzle in which some pieces are missing entirely and others overlap, thus creating expensive redundancy.

With people and processes to take into consideration, information security is so much broader than just tooling. Yet there are times when you need to really examine a security tool’s capability and understand where it fits in the overall tapestry of existing solutions.

I tend to have an associative-style of memory, so it helps to think of “major” security modules like firewalls first, then associate secondary functionality (URL filtering, SSL VPN for example) to the core function. It’s a “planet with orbital moons” style of thought organization which isn’t always reflective of reality, but it does help in retaining the plethora of security acronyms that doesn’t seem to be getting simpler any time soon.

It’s also useful to have a “checklist” of sorts which is used to analyze the existence of security components within a particular enterprise. Thus I’ve created the Center Mast security tooling reference architecture below.securitytoolingreferencemodel


You may unsubscribe at any time by clicking the link in the footer of our emails. For information about our privacy practices, please visit our privacy notice. Note that we use Mailchimp as our email service provider. By clicking subscribe, you acknowledge that your information will be transferred to Mailchimp for processing.

About David Torre

David Torre is a business technology veteran with years of experience coupled with degrees in both information systems and business intelligence. This combination of skills has enabled David to provide enterprise solutions to well-known companies who face some of the toughest challenges in the business world today.

David currently resides in the San Francisco Bay Area where he runs Center Mast, LLC.