Security is like driving a really nice (but really high maintenance) car. There is really no end to the process of analysis, tweaking, and engineering required to keep your server or organization safe and secure. In fact, the word process is really key. Secure systems, because they are forced to interact with an ever-changing set of environmental characteristics, are much more of a process than a destination. An infrastructure can never really be called secure. Instead, we refer to the relative confidence levels associated with the ongoing process of building a secure system.
This part of the book concerns itself with Security Services—specific services within Mac OS X Server designed to help increase the confidence that your server is secure (or securely interacting with your organization’s IT environment). These services are required because security is a rather late architectural requirement for server products. Most protocols examined in this book were engineered at a time when the Internet was a far friendlier place. Getting them to function securely in a modern IT environment—as you all know—can be quite the challenge.
Chapters in this part of the book include:
|Chapter 20, The Mac OS X Server Firewall|
|Chapter 21, Virtual Private Networks|