1. Trang chủ
  2. » Công Nghệ Thông Tin

end-to-end network security - defense-in-depth

469 529 0

Đang tải... (xem toàn văn)

Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống

THÔNG TIN TÀI LIỆU

Thông tin cơ bản

Định dạng
Số trang 469
Dung lượng 12,44 MB

Nội dung

[...]... the network during normal operations or during the course of a security incident or an anomaly in the network xxiii Part III, Defense-In-Depth Applied,” includes: • Chapter 8, “Wireless Security. ” When designing and deploying wireless networks, it is important to consider the unique security challenges that can be inherited This chapter includes best practices to use when deploying wireless networks... Chapter 12 The following is a chapter-by-chapter summary of the contents of the book Part I, “Introduction to Network Security Solutions,” includes: • Chapter 1, “Overview of Network Security Technologies.” This chapter covers an introduction to security technologies and products It starts with an overview of how to place firewalls to provide perimeter security and network segmentation while enforcing... their corporate network Figure 1-5 illustrates a site-to-site IPsec tunnel between two sites (corporate headquarters and a branch office), as well as a remote access VPN from a telecommuter working from home Figure 1-5 Site-to-Site and Remote Access VPN Example Corporate Headquarters IP se c Tu n ne l Branch Office Internet IPsec Tunnel Cisco ASAs are used in the example shown in Figure 1-5 The Cisco ASA... President World Wide Security Practice Cisco xx Introduction The network security lifecycle requires specialized support and a commitment to best practice standards In this book, you will learn best practices that draw upon disciplined processes, frameworks, expert advice, and proven technologies that will help you protect your infrastructure and organization You will learn end-to-end security best practices,... Access (CLI Views) Anomaly Detection Zones 198 Network Device Virtualization 198 Segmentation with VLANs 199 Segmentation with Firewalls 200 Segmentation with VRF/VRF-Lite 200 Policy Enforcement 202 Visualization Techniques Summary 207 203 195 197 191 xiv Part III Defense-In-Depth Applied 209 Chapter 8 Wireless Security 211 Overview of Cisco Unified Wireless Network Architecture 212 Authentication and... Wireless Users 216 WEP 216 WPA 218 802.1x on Wireless Networks 219 EAP with MD5 221 Cisco LEAP 222 EAP-TLS 223 PEAP 223 EAP Tunneled TLS Authentication Protocol (EAP-TTLS) 224 EAP-FAST 224 EAP-GTC 225 Configuring 802.1x with EAP-FAST in the Cisco Unified Wireless Solution Configuring the WLC 226 Configuring the Cisco Secure ACS Server for 802.1x and EAP-FAST 229 Configuring the CSSC 233 Lightweight Access... to Network Security Solutions Chapter 1 Overview of Network Security Technologies This chapter covers the following topics: • • • • • • • Firewalls Virtual Private Networks (VPN) Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) Anomaly Detection Systems Authentication, Authorization, and Accounting (AAA) and Identity Management Network Admission Control Routing Mechanisms as Security. .. important for all network security professionals This knowledge will help them to configure and manage the security of their networks accurately and effectively TIP Several network firewall solutions offer user and application policy enforcement that provides multivector attack protection for different types of security threats They often provide logging capabilities that allow the security administrators... Configuring Basic Network Address Translation (NAT) Configuring Site-to-Site VPN 377 Case Study of a Medium-Sized Enterprise 389 Protecting the Internet Edge Routers 391 Configuring the AIP-SSM on the Cisco ASA 391 Configuring Active-Standby Failover on the Cisco ASA Configuring AAA on the Infrastructure Devices 400 376 394 Case Study of a Large Enterprise 401 Creating a New Computer Security Incident... sinkholes that are used to increase the security of the network and to react to new threats Part II, Security Lifecycle: Frameworks and Methodologies,” includes: • Chapter 2, “Preparation Phase.” This chapter covers numerous best practices on how to better prepare your network infrastructure, security policies, procedures, and organization as a whole against security threats and vulnerabilities This . Street Indianapolis, Indiana 46240 USA Cisco Press End-to-End Network Security Defense-in-Depth Omar Santos ii End-to-End Network Security Defense-in-Depth Omar Santos Copyright© 2008 Cisco Systems,. Congress Cataloging-in-Publication Data: Santos, Omar. End-to-end network security : defense-in-depth / Omar Santos. p. cm. ISBN 97 8-1 -5 870 5-3 3 2-0 (pbk.) 1. Computer networks Security measures 005.8—dc22 2007028287 ISBN-10: 1-5 870 5-3 3 2-2 ISBN-13: 97 8-1 -5 870 5-3 3 2-0 Warning and Disclaimer This book is designed to provide information about end-to-end network security. Every effort has

Ngày đăng: 25/03/2014, 11:14

TỪ KHÓA LIÊN QUAN

w