| |
| |
Preface--Look before You Leap | |
| |
| |
Audience | |
| |
| |
Prerequisites | |
| |
| |
Acknowledgments | |
| |
| |
| |
TCP/IP Internetworking and Internet Services | |
| |
| |
| |
Comparing TCP/IP to the OSI Reference Model | |
| |
| |
| |
Packet-Based Communication | |
| |
| |
| |
Media Access Control (MAC) | |
| |
| |
| |
Frames | |
| |
| |
| |
Unicast, Broadcast, and Multicast Packets | |
| |
| |
| |
Communication in IP Networks | |
| |
| |
| |
Address Resolution Protocol (ARP) | |
| |
| |
| |
Routing | |
| |
| |
| |
Route Advertisement and Learning | |
| |
| |
| |
Internet Control Message Protocol (ICMP) | |
| |
| |
| |
Internet Services | |
| |
| |
| |
Emphasis on TCP and UDP | |
| |
| |
| |
TCP Connections | |
| |
| |
| |
UDP Data Streams | |
| |
| |
| |
Request for Comments (RFC) | |
| |
| |
| |
Standard Internet Service Protocols | |
| |
| |
| |
Domain Name System (DNS) | |
| |
| |
| |
File Transfer Protocol (FTP) | |
| |
| |
| |
Mail | |
| |
| |
| |
News (NNTP) | |
| |
| |
| |
Terminal Emulation (Telnet) | |
| |
| |
| |
Web (HTTP) | |
| |
| |
| |
Security/Encryption (SSL) | |
| |
| |
| |
Non-TCP-Based and Non-UDP-Based Services | |
| |
| |
| |
IP Protocols | |
| |
| |
| |
IP in IP Encapsulation | |
| |
| |
| |
Generic Routing Encapsulation (GRE) | |
| |
| |
| |
Selecting Your Internet Service Provider | |
| |
| |
| |
Chapter Overview | |
| |
| |
| |
Types of ISPs | |
| |
| |
| |
Network Service Providers | |
| |
| |
| |
Internet Service Providers (Resellers) | |
| |
| |
| |
Which Type of ISP Is Right for You? | |
| |
| |
| |
Basic Access Products | |
| |
| |
| |
Internet Services Provided | |
| |
| |
| |
Connection Capacity (Bandwidth) | |
| |
| |
| |
Access Provisioning (WAN Circuits) | |
| |
| |
| |
Equipment Selection and Provisioning | |
| |
| |
| |
Installation and Setup Services | |
| |
| |
| |
Domain Name Registration | |
| |
| |
| |
Mail Exchange (MX) Records | |
| |
| |
| |
Allocation of an IP Address Pool | |
| |
| |
| |
Activation Support (Installation) | |
| |
| |
| |
Post-Sales Support | |
| |
| |
| |
Extended Services | |
| |
| |
| |
Web Hosting | |
| |
| |
| |
Security | |
| |
| |
| |
Virtual Private Networks | |
| |
| |
| |
Remote Access | |
| |
| |
| |
Faxing | |
| |
| |
| |
Multicasting and MBone | |
| |
| |
| |
News Fed | |
| |
| |
| |
Knowledge Services (Consulting) | |
| |
| |
| |
Capacity Scaling and Oversubscription | |
| |
| |
| |
Network Infrastructure | |
| |
| |
| |
Pricing | |
| |
| |
| |
Fixed versus Usage-Based Pricing | |
| |
| |
| |
Obtaining Quotations | |
| |
| |
| |
Contract Terms | |
| |
| |
| |
Negotiating | |
| |
| |
| |
Checklist--Selecting the ISP | |
| |
| |
| |
Provisioning Your Wide Area Network | |
| |
| |
| |
Chapter Overview | |
| |
| |
| |
Circuit Capacity (Bandwidth) | |
| |
| |
| |
DS-1 Circuits (E-1 and T-1) | |
| |
| |
| |
Dual DS-1 Circuits | |
| |
| |
| |
DS-3 Circuits (T-3 and E-3) | |
| |
| |
| |
Components of WAN Circuits | |
| |
| |
| |
Circuit Technologies | |
| |
| |
| |
Point-to-Point | |
| |
| |
| |
Frame Relay | |
| |
| |
| |
SMDS | |
| |
| |
| |
ISDN | |
| |
| |
| |
ADSL | |
| |
| |
| |
Delivering the Circuit | |
| |
| |
| |
Facilities | |
| |
| |
| |
Premise Demarcation | |
| |
| |
| |
Circuit Conditioning | |
| |
| |
| |
North American T-1 | |
| |
| |
| |
European E-1 | |
| |
| |
| |
North American T-3 | |
| |
| |
| |
Premise Equipment Configuration and Connections | |
| |
| |
| |
CSU/DSUs | |
| |
| |
| |
T-1 Circuits | |
| |
| |
| |
E-1 Circuits | |
| |
| |
| |
T-3 Circuits | |
| |
| |
| |
ISDN Network Termination | |
| |
| |
| |
Checklist--WAN Provisioning | |
| |
| |
| |
Planning Your Security | |
| |
| |
| |
Chapter Overview | |
| |
| |
| |
The Real Need for Security | |
| |
| |
| |
World View, Default Stance, and Direction | |
| |
| |
| |
World View | |
| |
| |
| |
Default Stance | |
| |
| |
| |
Default Action | |
| |
| |
| |
Direction | |
| |
| |
| |
Access Control Technologies | |
| |
| |
| |
Packet Filtering | |
| |
| |
| |
Circuit Proxies | |
| |
| |
| |
Application Gateways | |
| |
| |
| |
Stateful Inspection | |
| |
| |
| |
Network Address Translation | |
| |
| |
| |
Firewall Products Explained | |
| |
| |
| |
Configuring | |
| |
| |
| |
Attack Screening | |
| |
| |
| |
Authentication | |
| |
| |
| |
Encryption and Virtual Private Networks | |
| |
| |
| |
Event Logging and Intrusion Notification | |
| |
| |
| |
Other Integrated Services | |
| |
| |
| |
Vendors | |
| |
| |
| |
Typical Policies | |
| |
| |
| |
Outbound Traffic | |
| |
| |
| |
Inbound Traffic | |
| |
| |
| |
Service-Specific Recommendations | |
| |
| |
| |
Problematical Services | |
| |
| |
| |
Security Auditing | |
| |
| |
| |
Need | |
| |
| |
| |
Software Tools | |
| |
| |
| |
Auditing Services | |
| |
| |
| |
Keeping Current | |
| |
| |
| |
Checklist--Security | |
| |
| |
| |
Designing Your Network Architecture | |
| |
| |
| |
Chapter Overview | |
| |
| |
| |
Delineate Your Service Objectives | |
| |
| |
| |
Services Accessed from the Internet | |
| |
| |
| |
Services Provided to the Internet | |
| |
| |
| |
Other Services | |
| |
| |
| |
Assess Your Design Factors | |
| |
| |
| |
Security | |
| |
| |
| |
Cost | |
| |
| |
| |
Select a Prototype Design | |
| |
| |
| |
Design 1--Single Filter for Screening Internal Hosts | |
| |
| |
| |
Design 2--Single Filter for Screening Servers | |
| |
| |
| |
Design 3--Single Filter with Screened Subnet | |
| |
| |
| |
Design 4--Dual Filter with Screened Subnet | |
| |
| |
| |
Determine Your IP Architecture | |
| |
| |
| |
IP Addressing | |
| |
| |
| |
IP Subnetting | |
| |
| |
| |
Configuring IP Routing (Tips and Traps) | |
| |
| |
| |
Equipment Selection | |
| |
| |
| |
Routers | |
| |
| |
| |
WAN Interfaces for Routers | |
| |
| |
| |
Reiterating the Design Process | |
| |
| |
| |
Checklist--Network Architecture and Equipment Selection | |
| |
| |
| |
Staging and Testing Your Design | |
| |
| |
| |
Chapter Overview | |
| |
| |
| |
Assemble Your Tools | |
| |
| |
| |
Software Utilities | |
| |
| |
| |
Network Analyzer | |
| |
| |
| |
Routing Diagnostics | |
| |
| |
| |
Server Applications | |
| |
| |
| |
Client Applications | |
| |
| |
| |
Network Hardware | |
| |
| |
| |
Staging Equipment | |
| |
| |
| |
Test Your Routing | |
| |
| |
| |
Test Your Security (Filtering) | |
| |
| |
| |
Test Mandatory Services | |
| |
| |
| |
Checklist--Staging and Testing | |
| |
| |
| |
Implementing and Validating Your New Connection | |
| |
| |
| |
Chapter Overview | |
| |
| |
| |
Complete the WAN Circuit | |
| |
| |
| |
Going Live with the ISP | |
| |
| |
| |
Deactivate Your Security | |
| |
| |
| |
Test WAN Connectivity | |
| |
| |
| |
Test Routing to the Internet | |
| |
| |
| |
Test Connectivity to DNS and Mail Servers | |
| |
| |
| |
Reactivate Security | |
| |
| |
| |
Troubleshooting the WAN | |
| |
| |
| |
Validating Operation and Security after Start-Up | |
| |
| |
| |
Checklist--Implementation and Validation | |
| |
| |
| |
Managing Your Connection | |
| |
| |
| |
Chapter Overview | |
| |
| |
| |
Evaluating New Services | |
| |
| |
| |
Checking for Security Breaches | |
| |
| |
| |
Usage Monitoring and Baselining | |
| |
| |
| |
Addressing Performance and Connectivity Issues | |
| |
| |
| |
Moving to a New ISP | |
| |
| |
| |
Your Internet Connection on Autopilot | |
| |
| |
| |
Network Address Translation | |
| |
| |
| |
Virtual Private Networks | |
| |
| |
| |
How the Internet Functions | |
| |
| |
| |
Backbone Construction | |
| |
| |
| |
Domain Name System | |
| |
| |
| |
The Internet Management and Services | |
| |
| |
| |
Obtaining IP Addresses and Domain Names | |
| |
| |
| |
Internet Problems | |
| |
| |
| |
Predicted Growth and Capacity Planning | |
| |
| |
| |
IP Address Depletion | |
| |
| |
| |
Dynamic Host Configuration Protocol | |
| |
| |
| |
Helpful Web Sites | |
| |
| |
| |
Firewall/Security Sites | |
| |
| |
| |
Freeware Sites | |
| |
| |
| |
Internet Administration Sites | |
| |
| |
| |
Internet Service Providers | |
| |
| |
Bibliography | |
| |
| |
Glossary | |
| |
| |
Index | |