We are in the process of revising the patterns in the library to ensure they are consistent, and simplify where possible. One idea is that we should create a few additional modules to reduce the number of controls that are specified on each pattern.
The set of modules could be:
- DMZ- new module to show standard DMZ environment for hosting applications or connections to untrusted networks or systems
- High Security Network Zone- new module to show high security environment for hosting sensitive applications such as Finance and HR systems, Payment processing, Source code repository etc
- Information Security Management System- new module for the baseline controls required for IS management of environment
- Client- existing module that shows baseline set of controls for clients
- Server- existing module that shows baseline set of controls for servers
Hoping to make some progress on these in the next month or so. Drop us a line if you want to contribute.