The current focus of network security is concerned with securing individual components as well as preventing unauthorized access to network services. While these are necessary concerns, they do not represent a complete view of network security. In this paper, we present the Lucent Network Security Framework, which provides a comprehensive, top-down, end-to-end perspective on network security.We show how this framework can be applied to network elements, services, and applications including detecting, correcting, and preventing security vulnerabilities. In addition, we demonstrate how the Network Security Framework can be applied to all types of networks and across all layers of the protocol stack. This framework has been submitted to several government and standards bodies (e.g., ITU-T and ISO), and it has been very well received. Service provider networks developed with attention to the Lucent Network Security Framework will have a comprehensive security architecture enabling new value-added revenue-generating security services such as security service-level agreements (SLAs). © 2004 Lucent Technologies Inc.