Welcome back to my blog series on Security Design Decisions. The intent of this blog post is to explore the need for a solid security framework, since more and more companies are now investing in security automation to fill in the gap.

When designing new implementations, Citrix Consulting uses a layered approach: User Layer, Access Layer, Resource Layer, Control Layer, and Hardware Layer. There are important security decisions associated with each of these layers, and I’m going to walk you through each approach in this blog series. If you missed my first blog post on User Layer, you can check it out here.

In this post, I’ll discuss the intricacies of the Access layer. The access layer is like a great wall that stands between the users and the resources. This is the first line of defense and it cannot be weak, because your security is only as strong as your weakest link. Like the User Layer, we must plan who can access and answer who, what, where, when, why, and how:

via the fine folks at Citrix Systems, Inc.