This document describes the initial version of the ASTRID architecture that will drive the technical activity in the second year of the project. The description considers the expected workflow to automate security management for a virtualized service, including the involved actors and their roles, and highlights the evolutionary and innovative steps with respect to current practice. The workflow identifies two main scopes, one for adapting the service to the ASTRID framework (pre-deployment) and the other for orchestrating security features (run-time). The document also analyses the progress towards the project objectives, by discussing to what extent the proposed architecture and its logical components fulfil the functional requirements previously identified in D1.1. Finally, the ASTRID architecture is compared with other frameworks in the same context (I2NSF from IETF), to identify possible exploitation opportunities and technological distinction.