Secure Network Infrastructure Design: An Engineering Approach

Описание: In this video we’re going to design a secure network the way an engineer would design a bridge: we start with requirements, we model the system, we analyze the risks, and only then do we pick technologies.

By the end, you’ll have a repeatable method you can apply to campus networks, data centers, hybrid cloud, or even a small business with a few sites. You’ll also hear a mini case study where we walk through the process for a 500 person organization.

As we go, keep one idea in mind: security is not a box you add at the end. Security is a property of the whole network—topology, identity, configuration, monitoring, and operations all work together. When any one of those is weak, attackers route around your “best” tool.

So let’s build a mental toolkit: the steps, the artifacts you should produce, and the design decisions you should be able to justify. Think of this as a classroom lecture you can replay whenever you’re facing a new network design problem.

=====

Video Description
https://adventuresinsecurity.com/scri...

=====

Bibliography

Center for Internet Security. (2021). CIS Critical Security Controls v8. https://www.cisecurity.org/controls/v8

Cichonski, P., Millar, T., Grance, T., & Scarfone, K. (2012). Computer security incident handling guide (NIST Special Publication 800-61 Rev. 3). National Institute of Standards and Technology. https://nvlpubs.nist.gov/nistpubs/Spe...

Joint Task Force. (2018). Risk management framework for information systems and organizations: A system life cycle approach for security and privacy (NIST Special Publication 800-37 Rev. 2). National Institute of Standards and Technology. https://doi.org/10.6028/NIST.SP.800-37r2

Joint Task Force. (2020). Security and privacy controls for information systems and organizations (NIST Special Publication 800-53 Rev. 5). National Institute of Standards and Technology. https://doi.org/10.6028/NIST.SP.800-53r5

Joint Task Force Transformation Initiative. (2012). Guide for conducting risk assessments (NIST Special Publication 800-30 Rev. 1). National Institute of Standards and Technology. https://doi.org/10.6028/NIST.SP.800-30r1

Kent, S., & Seo, K. (2005). Security architecture for the Internet Protocol (RFC 4301). RFC Editor. https://www.rfc-editor.org/rfc/rfc4301

National Institute of Standards and Technology. (2018). Framework for improving critical infrastructure cybersecurity (Version 1.1). https://doi.org/10.6028/NIST.CSWP.041...

Rekhter, Y., Moskowitz, B., Karrenberg, D., de Groot, G. J., & Lear, E. (1996). Address allocation for private internets (RFC 1918). RFC Editor. https://www.rfc-editor.org/rfc/rfc1918

Rose, S., Borchert, O., Mitchell, S., & Connelly, S. (2020). Zero trust architecture (NIST Special Publication 800-207). National Institute of Standards and Technology. https://doi.org/10.6028/NIST.SP.800-207

Ross, R., McEvilley, M., & Oren, J. (2018). Systems security engineering: Considerations for a multidisciplinary approach in the engineering of trustworthy secure systems (NIST Special Publication 800-160 Vol. 1). National Institute of Standards and Technology. https://doi.org/10.6028/NIST.SP.800-1...

The MITRE Corporation. (n.d.). MITRE ATT&CK®. Retrieved February 23, 2026, from https://attack.mitre.org/



cybersecurity, cyber, security, information, compliance, network design, engineeri