ENTERPRISE SECURITY BLUEPRINT
03 MANAGEMENT LAYER
(page 36)
The Management Layer should enforce the Least Privilege and Segregation of Duties principles for both administrator actions and Management Layer automation scripts. Doing so helps contain policy complexity, misconfiguration risk and insider threats. For example, different teams might be responsible for administering the access control policy and the threat prevention protections, so that no single administrator, and no single automation credential, can alter both.
A robust segregation of duties capability also supports a delegation framework, which removes the bottlenecks that arise when every change depends on dedicated security personnel. Business users can be authorized to manage access rights for the entities within their scope of responsibility, through user interfaces suited to those tasks, while remaining unable to touch anything outside that scope. At the far end of the delegation spectrum, end-users can be entrusted with everyday security decisions, such as whether to access a suspicious site. For example, a user could submit a business justification for accessing a file or network service; an administrator then examines the request and allows or denies it.
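The two paragraphs above describe a design, not an implementation. The following added example (it is not code from the Enterprise Security Blueprint or from any vendor's management product) shows one way a management layer could enforce those rules: capabilities split by protection type, a segregation-of-duties check on role assignments, a narrower capability set for automation credentials, a scope limit for delegated business users, and the justification-request flow decided by an administrator. Every role name, capability string and object name (for example `rule:install`, `dept-finance`) is hypothetical.

```python
"""Added example, not code from the Enterprise Security Blueprint: a minimal
authorization model for a management layer that applies least privilege and
segregation of duties to administrators, automation scripts and delegated
business users, plus the justification-request flow the text describes.
Role names, capability strings and object names are hypothetical."""
from dataclasses import dataclass
from typing import Dict, FrozenSet, Optional

# Capabilities are partitioned by protection type so that access control
# administration and threat prevention administration can sit with different teams.
ROLE_CAPABILITIES: Dict[str, FrozenSet[str]] = {
    "access-control-admin":    frozenset({"rule:read", "rule:write", "rule:install"}),
    "threat-prevention-admin": frozenset({"ips:read", "ips:write", "ips:install"}),
    "auditor":                 frozenset({"rule:read", "ips:read", "audit:read"}),
    "delegated-owner":         frozenset({"rule:read", "rule:write"}),  # limited by scope
}

# Role combinations that one identity must never hold (segregation of duties).
CONFLICTING_ROLES = [
    frozenset({"access-control-admin", "threat-prevention-admin"}),
    frozenset({"auditor", "access-control-admin"}),
]


@dataclass(frozen=True)
class Principal:
    name: str
    roles: FrozenSet[str]
    # Objects a delegated owner may manage; empty means no scope restriction.
    scope: FrozenSet[str] = frozenset()
    # Automation scripts get a narrower capability set than the humans who own them.
    automation: bool = False


def validate_roles(p: Principal) -> None:
    """Reject assignments that would collapse two separated duties into one identity."""
    unknown = p.roles - set(ROLE_CAPABILITIES)
    if unknown:
        raise ValueError(f"{p.name}: unknown roles {sorted(unknown)}")
    for pair in CONFLICTING_ROLES:
        if pair <= p.roles:
            raise ValueError(f"{p.name}: segregation of duties violated by {sorted(pair)}")


def capabilities(p: Principal) -> FrozenSet[str]:
    """Effective capabilities: the union of the roles, minus what automation may never do."""
    caps = frozenset().union(*(ROLE_CAPABILITIES[r] for r in p.roles))
    if p.automation:
        # A script may edit objects but never push policy to enforcement points;
        # that step stays with an accountable human.
        caps = frozenset(c for c in caps if not c.endswith(":install"))
    return caps


def authorize(p: Principal, action: str, target: str) -> bool:
    """Least privilege check: fail closed unless the action is granted and the target is in scope."""
    validate_roles(p)  # a conflicting assignment is an error, not a larger grant
    if action not in capabilities(p):
        return False
    if p.scope and target not in p.scope:
        return False
    return True


@dataclass
class AccessRequest:
    """An end-user's business justification for a blocked resource, decided by an admin."""
    requester: str
    resource: str
    justification: str
    decision: Optional[str] = None
    decided_by: Optional[str] = None


def decide(req: AccessRequest, approver: Principal, allow: bool) -> AccessRequest:
    """Record a decision; the approver must own the rule for that resource and not be the requester."""
    if approver.name == req.requester:
        raise PermissionError("a requester cannot approve their own request")
    if not authorize(approver, "rule:write", req.resource):
        raise PermissionError(f"{approver.name} may not decide requests for {req.resource}")
    req.decision = "allow" if allow else "deny"
    req.decided_by = approver.name
    return req
```

Two design choices are worth noting. `authorize` calls `validate_roles` on every check, so a role assignment that violates segregation of duties fails loudly instead of quietly granting the union of both roles. Automation credentials lose every `:install` capability, which keeps the step that actually changes what enforcement points do in the hands of a named person.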
Each protection type implies a different administration use case. The access control policy is tailored to each segment from enterprise-specific configuration, and data protections are driven by data classifications. Threat prevention protections, by contrast, are selected for each segment from the generic characteristics of each protection:
- Level of confidence of each individual protection (its risk of false positives)
- Severity to the business of the corresponding attack
Figure 3-A: Policy modularity
[Figure: network diagram showing the segments INTERNET, LAN, DMZ, DATA CENTER and MPLS, with DEPARTMENTAL SERVERS, SENSITIVE SERVERS and INTERNAL SERVERS behind them, and numbered Enforcement Points (1, 2, 3) placed between the segments.]
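The selection rule above (choose threat prevention protections per segment from each protection's generic confidence and severity, rather than tailoring each one by hand) can be made concrete. The following added example is not code from the Enterprise Security Blueprint: the protection catalog, the per-segment thresholds, and the split of a selected protection into a "prevent" (block inline) or "detect" (log only) action are all assumptions introduced here for illustration. Segment names echo the figure (DMZ, LAN, sensitive servers) but the thresholds attached to them are invented.

```python
"""Added example, not from the Enterprise Security Blueprint: selecting the
threat prevention protections for a segment from the generic characteristics
of each protection (confidence, i.e. false-positive risk, and the business
severity of the attack). Catalog entries, segment profiles and the
prevent/detect action split are hypothetical."""
from dataclasses import dataclass
from typing import Dict, List

# Ordinal scale shared by confidence and severity ratings.
LEVELS = {"low": 1, "medium": 2, "high": 3, "critical": 4}


@dataclass(frozen=True)
class Protection:
    name: str
    confidence: str  # how likely a hit is a true positive
    severity: str    # business impact of the attack it stops


# Constructed catalog; names are illustrative, not real signature identifiers.
CATALOG: List[Protection] = [
    Protection("sql-injection-generic", "high", "critical"),
    Protection("smb-remote-code-exec", "high", "critical"),
    Protection("http-header-anomaly", "low", "medium"),
    Protection("dns-tunnel-heuristic", "medium", "high"),
    Protection("legacy-rpc-scan", "medium", "low"),
]


@dataclass(frozen=True)
class SegmentProfile:
    """Thresholds one segment applies to the whole catalog.

    The segment never names individual protections; it only states how much
    false-positive risk it tolerates and how low a severity it still cares about.
    """
    name: str
    min_severity: str      # ignore attacks below this business impact
    prevent_min_conf: str  # block inline at or above this confidence
    detect_min_conf: str   # otherwise log only at or above this confidence

    def __post_init__(self):
        for lvl in (self.min_severity, self.prevent_min_conf, self.detect_min_conf):
            if lvl not in LEVELS:
                raise ValueError(f"{self.name}: unknown level {lvl!r}")
        # Misordered thresholds would block low-confidence hits inline; reject them.
        if LEVELS[self.prevent_min_conf] < LEVELS[self.detect_min_conf]:
            raise ValueError(f"{self.name}: prevent threshold below detect threshold")


# Constructed profiles: a sensitive segment accepts more false-positive risk than the LAN.
PROFILES: Dict[str, SegmentProfile] = {
    "sensitive-servers": SegmentProfile("sensitive-servers", "low", "medium", "low"),
    "dmz":               SegmentProfile("dmz", "medium", "high", "medium"),
    "lan":               SegmentProfile("lan", "high", "high", "high"),
}


def select_protections(profile: SegmentProfile, catalog: List[Protection] = CATALOG) -> Dict[str, str]:
    """Map protection name -> 'prevent' | 'detect' for one segment; omitted means disabled."""
    chosen: Dict[str, str] = {}
    for p in catalog:
        if LEVELS[p.severity] < LEVELS[profile.min_severity]:
            continue  # attack not severe enough for this segment to care
        if LEVELS[p.confidence] >= LEVELS[profile.prevent_min_conf]:
            chosen[p.name] = "prevent"
        elif LEVELS[p.confidence] >= LEVELS[profile.detect_min_conf]:
            chosen[p.name] = "detect"
    return chosen


def build_policy(profiles: Dict[str, SegmentProfile] = PROFILES,
                 catalog: List[Protection] = CATALOG) -> Dict[str, Dict[str, str]]:
    """Per-segment threat prevention policy derived entirely from generic characteristics."""
    return {name: select_protections(prof, catalog) for name, prof in profiles.items()}


if __name__ == "__main__":
    for segment, actions in build_policy().items():
        print(segment, actions)
```

The point the structure makes is modularity: adding a protection to `CATALOG` with its confidence and severity ratings updates every segment's policy at once, and a segment profile never has to enumerate protections. The `__post_init__` check catches the one configuration error this shape invites, a prevent threshold set below the detect threshold, which would silently turn low-confidence signatures into inline blocks.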