
The Practice of Network Security: Deployment Strategies for Production Environments

Book Description

Enterprise security for real netadmins in the real world

This book shows how to secure an enterprise network in the real world--when you're on the front lines, constantly under attack, and you don't always get the support you need. Symantec security engineer and former UUNet network architect Allan Liska addresses every facet of network security, from risk profiling through access control, Web/email security through day-to-day monitoring. He systematically identifies today's most widespread security mistakes and vulnerabilities--and offers realistic solutions you can begin implementing right away.

Coverage includes:

  • Quantifying security risks and "selling" security throughout the organization

  • Defining security models that reflect your company's philosophy

  • Translating your security model into effective, enforceable policies

  • Making your routers and switches your first lines of network defense

  • Controlling access via authentication, authorization, and accounting

  • Configuring secure VPNs and remote access

  • Securing wireless LANs and WANs

  • Establishing a DMZ between your network and the public Internet

  • Securing Web/application servers, DNS servers, email servers, and file/print servers

  • Implementing effective day-to-day network security administration, monitoring, and logging

  • Responding to attacks: detect, isolate, halt, report, and prosecute

Liska integrates these techniques in an end-to-end case study, showing you how to redesign an insecure enterprise network for maximum security--one step at a time.

Table of Contents

  1. Copyright
  2. Prentice Hall PTR Series in Computer Networking and Distributed Systems
  3. About Prentice Hall Professional Technical Reference
  4. Acknowledgements
  5. Introduction
  6. Defining the Scope
    1. What is Network Security?
    2. What Types of Network Security Are Important?
    3. What Is the Cost of Lax Security Policies?
    4. Where Is the Network Vulnerable?
    5. The Network
    6. Summary
  7. Security Model
    1. Choosing a Security Model
    2. OCTAVE
    3. Build Asset-Based Threat Profiles
    4. Identify Infrastructure Vulnerabilities
    5. Evaluate Security Strategy and Plans
    6. Summary
  8. Understanding Types of Attacks
    1. Sniffing and Port Scanning
    2. Exploits
    3. Spoofing
    4. Distributed Denial of Service Attacks
    5. Viruses and Worms
    6. Summary
  9. Routing
    1. The Router on the Network
    2. The Basics
    3. Disabling Unused Services
    4. Redundancy
    5. Securing Routing Protocols
    6. Limit Access to Routers
    7. Change Default Passwords!
    8. Summary
  10. Switching
    1. The Switch on the Network
    2. Multilayer Switching
    3. VLANs
    4. Spanning Tree
    5. MAC Addressing
    6. ARP Tables
    7. Restricting Access to Switches
    8. Summary
  11. Authentication, Authorization, and Accounting
    1. Kerberos
    2. RADIUS
    3. TACACS+
    4. Summary
  12. Remote Access and VPNs
    1. VPN Solutions
    2. IP VPN Security
    3. Dial-In Security Access
    4. DSL and Cable VPN Security
    5. Encrypting Remote Sessions
    6. The VPN on the Network
    7. Summary
  13. Wireless Wide Area Networks
    1. Wireless WAN Security Issues
    2. Spread Spectrum Technology
    3. Location
    4. Summary
  14. Wireless Local Area Networks
    1. Access Point Security
    2. SSID
    3. WEP
    4. MAC Address Filtering
    5. RADIUS Authentication
    6. WLAN VPN
    7. 802.11i
    8. Summary
  15. Firewalls and Intrusion Detection Systems
    1. The Purpose of the Firewall
    2. What a Firewall Cannot Do
    3. Types of Firewalls
    4. Layer 2 Firewalls
    5. Intrusion Detection Systems
    6. Summary
  16. The DMZ
    1. DMZ Network Design
    2. Multiple DMZ Design
    3. DMZ Rule Sets
    4. Summary
  17. Server Security
    1. General Server Security Guidelines
    2. Backups
    3. Web Server Security
    4. Mail Server Security
    5. Outsourcing
    6. Summary
  18. DNS Security
    1. Securing Your Domain Name
    2. A Secure BIND Installation
    3. Limit Access to Domain Information
    4. DNS Outsourcing
    5. djbdns
    6. Summary
  19. Workstation Security
    1. General Workstation Security Guidelines
    2. Virus and Worm Scanning
    3. Administrative Access
    4. Remote Login
    5. Summary
  20. Managing Network Security
    1. Enforcing Security Policies
    2. Understanding Network Security Risks
    3. Avoiding Common Mistakes
    4. Summary
  21. Monitoring
    1. What to Monitor
    2. SNMP
    3. Centralizing the Monitoring Process
    4. Summary
  22. Logging
    1. Protecting Against Log-Altering Attacks
    2. Syslog Servers
    3. Sifting Through Logged Data
    4. Summary
  23. Responding to an Attack
    1. Create a Response Chain of Command
    2. Take Notes and Gather Evidence
    3. Contain and Investigate the Problem
    4. Remove the Problem
    5. Contact Appropriate Parties
    6. Prepare a Postmortem
    7. Summary