This part of ISO/IEC27033 describes the threats, design techniques and control issues associated with reference network scenarios. For each scenario, it provides detailed guidance on the security threats and the security design techniques and controls required to mitigate the associated risks. Where relevant, it includes references to ISO/IEC27033-4 to ISO/IEC27033-6 to avoid duplicating the content of those documents.
The information in this part of ISO/IEC27033 is for use when reviewing technical security architecture/design options and when selecting and documenting the preferred technical security architecture/design and related security controls, in accordance with ISO/IEC27033-2. The particular information selected (together with information selected from ISO/IEC27033-4 to ISO/IEC27033-6) will depend on the characteristics of the network environment under review, i.e. the particular network scenario(s) and ‘technology’ topic(s) concerned.
Overall, this part of ISO/IEC27033 will aid considerably the comprehensive definition and implementation of security for any organization\'s network environment.