A practical approach to manage data communication security

This paper describes a practical approach to manage the security of data communication infrastructures. The approach is based upon the classification of network segments and the description of the relation between segments. This will result in a clear view of the security characteristics of all relevant data communication paths, even in large networks. This view is useful for data communication product managers, information system owners and IT auditors. The examples in this paper are based upon an implementation of this approach for the Rabobank IP network infrastructure. The examples however reflect a simplified version of this network for illustration purposes.