Planning & Architecture

A robust security posture, as with any initiative, starts with clear planning and architecture. As an information security consultancy and trainer for a broad range of industries, Cygnos has had the opportunity to see what works — and what doesn't. Cygnos has produced 'blueprint' work for some of Canada's largest industries. We understand the technology — and leverage good project management and design skills to create effective security architectures.

Application Architecture | Web Architecture | Topology Design | Secure Perimeter | Biometrics | e-Business Security | Directory Services

Application Architecture

Cygnos uses best practices-based methodologies for information security in application development projects involving security-sensitive Internet-facing or partner-facing applications.

For customers who wish to develop in-house business applications, Cygnos' Application Architecture service ensures that the work is executed according to the standard blueprint for secure application development. Cygnos will oversee the development effort and ensure that it meets the architecture laid out during the planning phase.

back to top

Web Architecture

In information technology, architecture is a term applied to both the process and the outcome of thinking out and specifying the overall structure, logical components, and the logical interrelationships of a computer, its operating system, its applications, a network, or other conception.

When connecting with the outside world, secure web architecture is paramount. Cygnos regularly works with customers to develop web architectures that meet both the business and the security objectives of the organization.

back to top

Topology Design

A topology (from Greek topos: place) is a description of any kind of locality in terms of its physical layout. In the context of communication networks, a topology describes pictorially the configuration or arrangement of a (usually conceptual) network, including its nodes and connecting lines.

Working with you, Cygnos will co-develop a secure topology and network design that will meet both your business and security objectives.

back to top

Secure Perimeter

A network perimeter is defined as the subnet that insulates the Intranet from the Internet. Secure perimeter design can include any or all of the following technologies:

  • Virtual Private Network (VPN);
  • Secure Remote Access (SRA);
  • Firewalls;
  • Intrusion Detection Systems; and
  • Secure Border Routers, etc.
  • Cygnos has extensive experience in designing secure network perimeters.

back to top


In information technology, biometrics usually refers to technologies for measuring and analyzing human body characteristics such as fingerprints, eye retinas and irises, voice patterns, facial patterns, and hand measurements, especially for authentication purposes. Often seen in science-fiction action adventure movies, face pattern matchers and body scanners seem about to emerge as replacements for computer passwords.

Biometrics is increasingly becoming a required element in security - establishing the authenticity and authority of users of your systems. Along with its advantages, biometrics bring with it a range of challenges - choosing the right technology for your environment, integration into an existing infrastructure, ease of management, and so on. Cygnos has the skills to help you through this process.

back to top

e-Business Security

Many organizations have taken their business to the world via the Internet, because e-business promises new revenue streams and decreases in costs. But opening your perimeter to new customers requires significant security measures. Working with Cygnos to adopt a defense strategy is your first step toward protecting your e-business initiatives. Your e-business security strategy must overlap and support other security practices to be effective.

back to top

Directory Services

Cygnos' Directory Services offering includes:

  • PKI: A public key infrastructure enables users of a basically unsecured public network such as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority.
  • X.500: This Directory Service is a standard way to develop an electronic directory of people in an organization so that it can be part of a global directory available to anyone in the world with Internet access. Such a directory is sometimes called a global White Pages directory. The idea is to be able to look up people in a user-friendly way by name, department, or organization. Many enterprises and institutions have created an X.500 directory. Because these directories are organized as part of a single global directory, you can search for hundreds of thousands of people from a single place on the World Wide Web.
  • ADS: Active Directory is Microsoft's trademarked directory service, an integral part of the Windows 2000 architecture. Like other directory services, such as Novell Directory Services (NDS), Active Directory is a centralized and standardized system that automates network management of user data, security, and distributed resources, and enables interoperation with other directories. Active Directory is designed especially for distributed networking environments.
  • SSO: Single sign-on is a session/user authentication process that permits a user to enter one name and password in order to access multiple applications. The single sign-on, which is requested at the initiation of the session, authenticates the user to access all the applications they have been given the rights to on the server, and eliminates future authentication prompts when the user switches applications during that particular session.

back to top


Why Invest in Security?

Click above to download our brochure in Adobe Acrobat PDF format

Security Leadership Seminar

BHI & Cygnos IT Security

Contact us | Privacy Statement | Site map
This site is best viewed in 1024x768 resolution