Foreword
Preface

Network Security Foundations

Network Security Axioms
Network Security Is a System
Business Priorities Must Come First
Network Security Promotes Good Network Design
Everything Is a Target
Everything Is a Weapon
Strive for Operational Simplicity
Good Network Security Is Predictable
Avoid Security Through Obscurity
Confidentiality and Security Are Not the Same
Summary
Reference
Applied Knowledge Questions

Security Policy and Operations Life Cycle
You Can't Buy Network Security
What Is a Security Policy?
Security System Development and Operations Overview
Summary
References
Applied Knowledge Questions

Secure Networking Threats
The Attack Process
Attacker Types
Vulnerability Types
Attack Results
Attack Taxonomy
Summary
References
Applied Knowledge Questions

Network Security Technologies
The Difficulties of Secure Networking
Security Technologies
Emerging Security Technologies
Summary
References
Applied Knowledge Questions

Designing Secure Networks

Device Hardening
Components of a Hardening Strategy
Network Devices
Host Operating Systems
Applications
Appliance-Based Network Services
Rogue Device Detection
Summary
References
Applied Knowledge Questions

General Design Considerations
Physical Security Issues
Layer 2 Security Considerations
IP Addressing Design Considerations
ICMP Design Considerations
Routing Considerations
Transport Protocol Design Considerations
DoS Design Considerations
Summary
References
Applied Knowledge Questions

Network Security Platform Options and Best Deployment Practices
Network Security Platform Options
Network Security Device Best Practices
Summary
Reference
Applied Knowledge Questions

Common Application Design Considerations
E-Mail
DNS
HTTP/HTTPS
FTP
Instant Messaging
Application Evaluation
Summary
References
Applied Knowledge Questions

Identity Design Considerations
Basic Foundation Identity Concepts
Types of Identity
Factors in Identity
Role of Identity in Secure Networking
Identity Technology Guidelines
Identity Deployment Recommendations
Summary
References
Applied Knowledge Questions

IPsec VPN Design Considerations
VPN Basics
Types of IPsec VPNs
IPsec Modes of Operation and Security Options
Topology Considerations
Design Considerations
Site-to-Site Deployment Examples
IPsec Outsourcing
Summary
References
Applied Knowledge Questions

Supporting-Technology Design Considerations
Content
Load Balancing
Wireless LANs
IP Telephony
Summary
References
Applied Knowledge Questions

Designing Your Security System
Network Design Refresher
Security System Concepts
Impact of Network Security on the Entire Design
Ten Steps to Designing Your Security System
Summary
Applied Knowledge Questio