Chapter 6. The SAFE Security Blueprint | CCSP CSI Exam Cram 2 (Exam Cram 642-541)

Terms you'll need to understand:

Defense in depth
SMR
IDS
False positive
HIDS
NIDS
OOB
IPT

Techniques you'll need to master:

Managing devices in- band
Managing device out-of-band
Implementing resiliency
Analyzing design alternatives

More than anything else, the SAFE Blueprint is a design philosophy presented as a whitepaper .

Whitepapers

Lots of networking documents are presented as "whitepapers," but how many network engineersand aspiring network engineersknow what a whitepaper is? When in doubt, go to the dictionary. Merriam-Webster OnLine says that a whitepaper is "a detailed or authoritative report" on a topic. So now you know what's implied when someone says he has a whitepaper on a subject you need to know more about.

Naturally, you should be a little skeptical. One vendor I know is fond of publishing whitepapers about its productsbut the whitepapers are pure marketing information, although at least they are somewhat technical. In fact, all vendors ' whitepapers have at least some marketing bent to them. Caveat emptor let the buyer bewareapplies to whitepapers as well as everything else.

Cisco has provided the SAFE Blueprint as a whitepaper on secure network design. However, it is actually more than just that: The goal of the Blueprint is to provide what Cisco calls best-practice information to interested parties on designing and implementing secure networks. When you add implementation as a goal, you automatically add some important characteristics, such as feasibility, manageability, practicality, minimal user inconvenience, and so forth. You require the design to live in the real world, not just a lab.