In this chapter, we examine how we might protect our networks from a variety of different angles. We go over secure network design and segmentation, ensuring that we have the proper choke points to enable control of traffic and that we are redundant where redundancy is needed. We look into the implementation of security devices such as firewalls and intrusion detection systems, the protection of our network traffic with virtual private networks (VPNs) and security measures specific to wireless networks when we need to use them, and the use of secure protocols. We also consider a variety of security tools, such as Kismet, Wireshark, Nmap, honeypots, and other similar utilities.
Design; firewall; honeypot; IDS; ...