We ve covered a lot of ground in this chapter because your network infrastructure is literally and figuratively the backbone of your network. Infrastructure security touches every aspect of your network, and a thorough assessment will take time and careful effort to complete so that your network is as secure as it can reasonably be, given the organizational constraints and considerations you ll have to deal with. It s often helpful to break the network infrastructure down into it systems or areas to help ensure that you cover all the areas, including devices and media, topology, intrusion detection and prevention, system hardening, and all the network components such as routers, switches, and modems. Once you ve identified all the areas, you need to take a top-to-bottom look at how security is currently implemented and what threats exist. By looking at issues such as information criticality and performing an impact analysis, you can decide what should be included in your project and what can reasonably be left out or delayed for a later phase if needed. Understanding the threat environment and your network s vulnerabilities is also important during your planning phase.

Requirements need to be thoroughly developed because they form the foundation of your project s scope. Functional requirements should be developed first, followed by technical, legal, and policy requirements. Be sure to build these into your task details when you create your WBS so that all required elements will be present and accounted for in your project plan.

In an infrastructure security project, you ll...