Philosophy

SAFE is actually not terribly concerned about the physical placement of devices (such as specifying that a firewall must go on this circuit). Instead, its focus is on assessing the threats to information assets and then placing appropriate technologies where they can mitigate those threats.

Mitigate is an important idea: You can alleviate your security problems and make them less painful, but as long as you choose to have a network, you will have security problems. You can keep them from being as bad as they might otherwise be, but you cannot eliminate them.

Because there will always be problems, the SAFE Blueprint uses defense in depth. This concept applies defense like an onion (with many layers that never get easier to deal with) instead of like a candy (with a hard shell outside and a soft, chewy center). By having many layers of defense, the network is protected from threats that originate inside as well as outside (and remember that insiders are potentially more dangerous). The network is also protected from threats that manage to get through the outer layer of protection, despite your best efforts.

The SAFE Blueprint is designed to introduce and provide an easy guidedemonstrated using Cisco products, of courseto the concept of defense in depth. That concept has become an important security industry standard, implementing security in layers that include firewalls, backup systems, redundant systems, disaster recovery, and incident handling.

In addition, SAFE does not use repeated layers of the same approach, such as three layers of firewalls. Different security technologies require different capabilities to get past. If a threat manages to penetrate the first layer, it's unlikely to get past the second layer of a different security technology, although it could probably penetrate another layer of the same technology. The result is that you make successful penetration of multiple layers unlikely if the layers are different.