Network Diagram Guidance:
Step 1: Identify the components that make up your system
- What devices?
  - Servers, workstations, and printers (including hostnames and IP addresses)
  - Routers and firewalls
- Where are those devices located?
  - Physically - IT Data Center, UCI building, AWS cloud, etc.
- What network/sub-net do the devices sit on?
- Are there any test environments used?
- Are there any 3rd party networks that support your system?
  - Cloud services, other non-UCI networks
Step 2: Group together devices and locations and draw out all components.
- Components:
  - Servers, workstations, printers
  - Firewalls
  - Subnets
  - Data centers
  - 3rd party network
  - Test environments
- For better visibility you can use different colors to illustrate what devices are internal or external to UCI.
Step 3: Draw lines connecting different components together.
Example Network Diagram
The example below has key information highlighted. (This example is "based" on a real system, but the hostnames/IP addresses and some of the details were made up to protect the innocent.) Your diagrams may not look exactly like this, but they should convey the same level of detail and amount of information to aid in the review process.
- Key pieces: Network segment subnet definitions, relevant hostnames/IPs, building router and firewall names if they exist (switches unnecessary), OS/type of host, relationship to campus, Internet, or 3rd party networks.
- Visio Format
Data Flow Diagram Guidance:
What is a Data Flow Diagram?
- A data flow diagram illustrates how data flows throughout the system. It answers the questions:
  - How does data enter the system?
  - How and where does data travel within the system?
  - How does data exit the system?
  - How is data changed or transformed throughout the system?
  - Where is data stored?
Drawing a Data Flow Diagram:
Step 1: Start off by drawing a context diagram
- A context diagram is a diagram that illustrates how the system works from start to finish. Anyone who views the context diagram should be able to understand at a high level what is happening within the system.
Data Flow Diagram Notations:
- Entity – creates or uses data.
- Process – activity that changes data.
- Data Store – stores data.
- Data Flow – movement of data. Arrows should denote the direction of data flow.
Step 2: Add a red dashed line for any firewalls being used.
Step 3: Add any technical processes that occur within entities
Step 4: Add information tags to all data flow arrows.
Example Data Flow Diagram (for sensitive and restricted information)
- Key pieces: The hosts in your system that store or allow sensitive/restricted information to be transmitted through them, as well as all entry points of that data into the system, and all exit points of that data out of the system, and any flow of data within subsystems. Arrows should denote the direction of data flow. The type of data should be noted. The type of transport protocol, encryption, and any relevant access controls of data in transit should be noted. The type of data storage, encryption, and any relevant access controls of data at rest should be noted. Lines denoting boundaries of firewalled segments should be noted.
- Visio Format
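One way to make sure every data flow arrow carries the information tags from Step 4 before the diagram goes to review is to keep the flows as data, check each one, and render the drawing from that list. This is an added example, not part of the original guidance: the node names, segments, tag keys and flows are constructed, and it emits Graphviz DOT rather than Visio.

```python
# Added example: every host, segment and flow below is constructed for illustration.
REQUIRED_TAGS = ("data", "protocol", "encryption", "access_control")
SHAPES = {"entity": "box", "process": "ellipse", "data_store": "cylinder"}

# node name -> (DFD notation type, firewalled segment it sits in)
NODES = {
    "Student": ("entity", "internet"),
    "Web app": ("process", "dmz"),
    "Records DB": ("data_store", "internal"),
    "Vendor SFTP": ("entity", "third_party"),
}
FLOWS = [
    {"src": "Student", "dst": "Web app", "data": "SSN (restricted)",
     "protocol": "HTTPS", "encryption": "TLS 1.2+", "access_control": "SSO + MFA"},
    {"src": "Web app", "dst": "Records DB", "data": "SSN (restricted)",
     "protocol": "TCP/1433", "encryption": "", "access_control": "service account"},
    {"src": "Records DB", "dst": "Vendor SFTP", "data": "enrollment export",
     "protocol": "SFTP", "encryption": "SSH"},
]

def review(nodes, flows):
    """Return findings for arrows a reviewer could not assess from the diagram."""
    findings = []
    for f in flows:
        label = f"{f['src']} -> {f['dst']}"
        for end in (f["src"], f["dst"]):
            if end not in nodes:
                findings.append(f"{label}: unknown node '{end}'")
        missing = [t for t in REQUIRED_TAGS if not f.get(t)]
        if missing:
            findings.append(f"{label}: missing tag(s) {', '.join(missing)}")
    return findings

def to_dot(nodes, flows):
    """Render Graphviz DOT with one red dashed box per firewalled segment."""
    out = ["digraph dfd {", "  rankdir=LR;"]
    for i, seg in enumerate(sorted({s for _, s in nodes.values()})):
        out.append(f'  subgraph cluster_{i} {{ label="{seg}"; color=red; style=dashed;')
        out += [f'    "{n}" [shape={SHAPES[k]}];' for n, (k, s) in nodes.items() if s == seg]
        out.append("  }")
    for f in flows:
        tag = "\\n".join(f.get(t) or "MISSING" for t in REQUIRED_TAGS)
        out.append(f'  "{f["src"]}" -> "{f["dst"]}" [label="{tag}"];')
    out.append("}")
    return "\n".join(out)

if __name__ == "__main__":
    print("\n".join(review(NODES, FLOWS) + [to_dot(NODES, FLOWS)]))
```

The DOT output can be rendered with Graphviz (`dot -Tsvg`); arrows with an empty or absent tag are labelled MISSING so the gap is visible on the drawing as well as in the findings list.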