In this paper we show how distributed coarse-grained IT systems in a real-world banking scenario can be modelled using domain concepts and languages that are standing on top of formal methods. We further show how these methods help to enforce structural security requirements, like firewall placements. In contrast to today’s diagrams of IT landscapes, this approach makes use of the full power of formal methods, being at the same time completely transparent to the people using it in the scenario. This is what makes this theoretical approach applicable in a real-world environment where people are highly sensitive to set-up costs and any daily operational overhead.