End-to-End Network Security Defense-in-Depth

ISBN-10: 1587053322

ISBN-13: 9781587053320

Edition: 2008

Authors: Omar Santos

List price: $64.99
eBook available
30 day, 100% satisfaction guarantee

If an item you ordered from TextbookRush does not meet your expectations due to an error on our part, simply fill out a return request and then return it by mail within 30 days of ordering it for a full refund of item cost.

Learn more about our returns policy


"End-to-End Network Security" "Defense-in-Depth" Best practices for assessing and improving network defenses and responding to security incidents Omar Santos Information security practices have evolved from Internet perimeter protection to an in-depth defense model in which multiple countermeasures are layered throughout the infrastructure to address vulnerabilities and attacks. This is necessary due to increased attack frequency, diverse attack sophistication, and the rapid nature of attack velocity-all blurring the boundaries between the network and perimeter. "End-to-End Network Security" is designed to counter the new generation of complex threats. Adopting this robust security strategy defends against highly sophisticated attacks that can occur at multiple locations in your network. The ultimate goal is to deploy a set of security capabilities that together create an intelligent, self-defending network that identifies attacks as they occur, generates alerts as appropriate, and then automatically responds. "End-to-End Network Security" provides you with a comprehensive look at the mechanisms to counter threats toeach part of your network. The book starts with a review of network security technologies then covers the six-step methodology for incident response and best practices from proactive security frameworks. Later chapters cover wireless network security, IP telephony security, data center security, and IPv6 security. Finally, several case studies representing small, medium, and large enterprises provide detailed example configurations and implementation strategies of best practices learned in earlier chapters. Adopting the techniques and strategies outlined in this book enables you to prevent day-zero attacks, improve your overall security posture, build strong policies, and deploy intelligent, self-defending networks. "Within these pages, you will find many practical tools, both process related and technology related, that you can draw on to improve your risk mitigation strategies." -Bruce Murphy, Vice President, World Wide Security Practices, Cisco Omar Santos is a senior network security engineer at Cisco(R). Omar has designed, implemented, and supported numerous secure networks for Fortune 500 companies and the U.S. government. Prior to his current role, he was a technical leader within the World Wide Security Practice and the Cisco Technical Assistance Center (TAC), where he taught, led, and mentored manyengineers within both organizations. Guard your network with firewalls, VPNs, and intrusion prevention systems Control network access with AAA Enforce security policies with Cisco Network Admission Control (NAC) Learn how to perform risk and threat analysis Harden your network infrastructure, security policies, and procedures against security threats Identify and classify security threats Trace back attacks to their source Learn how to best react to security incidents Maintain visibility and control over your network with the SAVE framework Apply Defense-in-Depth principles to wireless networks, IP telephony networks, data centers, and IPv6 networks This security book is part of the Cisco Press(R) Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks. Category: Networking: Security Covers: Network security and incident response $55.00 USA / $63.00 CAN
eBooks Starting from $51.99
Buy eBooks
what's this?
Rush Rewards U
Members Receive:
You have reached 400 XP and carrot coins. That is the daily max!
Study Briefs

Limited time offer: Get the first one free! (?)

All the information you need in one place! Each Study Brief is a summary of one specific subject; facts, figures, and explanations to help you learn faster.

Add to cart
Study Briefs
SQL Online content $4.95 $1.99
Add to cart
Study Briefs
MS Excel® 2010 Online content $4.95 $1.99
Add to cart
Study Briefs
MS Word® 2010 Online content $4.95 $1.99
Add to cart
Study Briefs
MS PowerPoint® 2010 Online content $4.95 $1.99
Customers also bought

Book details

List price: $64.99
Copyright year: 2008
Publisher: Cisco Press
Publication date: 8/24/2007
Binding: Paperback
Pages: 480
Size: 7.25" wide x 9.00" long x 1.00" tall
Weight: 1.738
Language: English

Introduction to Network Security Solutions
Network Firewalls
Network Address Translation (NAT)
Stateful Firewalls
Deep Packet Inspection
Demilitarized Zones
Personal Firewalls
Virtual Private Networks (VPN)
Technical Overview of IPsec
Phase 1
Phase 2
Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)
Pattern Matching
Protocol Analysis
Heuristic-Based Analysis
Anomaly-Based Analysis
Anomaly Detection Systems
Authentication, Authorization, and Accounting (AAA) and Identity Management
Identity Management Concepts
Network Admission Control
NAC Appliance
NAC Framework
Routing Mechanisms as Security Tools
Security Lifestyle: Frameworks and Methodologies
Preparation Phase
Risk Analysis
Threat Modeling
Penetration Testing
Social Engineering
Security Intelligence
Common Vulnerability Scoring System
Base Metrics
Temporal Metrics
Environmental Metrics
Creating a Computer Security Incident Response Team (CSIRT)
Who Should Be Part of the CSIRT?
Incident Response Collaborative Teams
Tasks and Responsibilities of the CSIRT
Building Strong Security Policies
Infrastructure Protection
Strong Device Access Control
SSH Versus Telnet
Local Password Management
Configuring Authentication Banners
Interactive Access Control
Role-Based Command-Line Interface (CLI) Access in Cisco IOS
Controlling SNMP Access
Securing Routing Protocols
Configuring Static Routing Peers
Route Filtering
Time-to-Live (TTL) Security Check
Disabling Unnecessary Services on Network Components
Cisco Discovery Protocol (CDP)
Free shipping on orders over $35*

*A minimum purchase of $35 is required. Shipping is provided via FedEx SmartPost® and FedEx Express Saver®. Average delivery time is 1 – 5 business days, but is not guaranteed in that timeframe. Also allow 1 - 2 days for processing. Free shipping is eligible only in the continental United States and excludes Hawaii, Alaska and Puerto Rico. FedEx service marks used by permission."Marketplace" orders are not eligible for free or discounted shipping.

Learn more about the TextbookRush Marketplace.