Network Security ArchitecturesCisco Press, 2004 - 739 lappuses Expert guidance on designing secure networks
Written by the principal architect of the original Cisco Systems SAFE Security Blueprint, Network Security Architectures is your comprehensive how-to guide to designing and implementing a secure network. Whether your background is security or networking, you can use this book to learn how to bridge the gap between a highly available, efficient network and one that strives to maximize security. The included secure network design techniques focus on making network and security technologies work together as a unified system rather than as isolated systems deployed in an ad-hoc way. Beginning where other security books leave off, Network Security Architectures shows you how the various technologies that make up a security system can be used together to improve your network's security. The technologies and best practices you'll find within are not restricted to a single vendor but broadly apply to virtually any network system. This book discusses the whys and hows of security, from threats and counter measures to how to set up your security policy to mesh with your network architecture. After learning detailed security best practices covering everything from Layer 2 security to e-commerce design, you'll see how to apply the best practices to your network and learn to design your own security system to incorporate the requirements of your security policy. You'll review detailed designs that deal with today's threats through applying defense-in-depth techniques and work through case studies to find out how to modify the designs to address the unique considerations found in your network. Whether you are a network or security engineer, Network Security Architectures will become your primary reference for designing and building a secure network. This book is part of the Networking Technology Series from Cisco Press, which offers networking professionals valuable information for constructing efficient networks, understanding new technologies, and building successful careers. |
Saturs
Table of Contents | xxxii |
Foreword | xxxiv |
Network Security Axioms | 5 |
Security Policy and Operations Life Cycle | 29 |
Summary | 50 |
Secure Networking Threats | 55 |
Vulnerability Types | 60 |
Summary | 115 |
Topology Considerations | 368 |
Design Considerations | 375 |
IPsec Outsourcing | 407 |
SupportingTechnology Design Considerations | 413 |
Wireless LANs | 424 |
Differentiated Groups WLAN | 440 |
Designing Your Security System | 449 |
Security System Concepts | 455 |
Network Security Technologies | 121 |
Emerging Security Technologies | 161 |
Designing Secure Networks | 169 |
Host Operating Systems | 187 |
Applied Knowledge Questions | 193 |
General Design Considerations | 195 |
VLAN Hopping Considerations | 213 |
ICMP Design Considerations | 235 |
Routing Considerations | 240 |
Transport Protocol Design Considerations | 251 |
265 | |
Network Security Platform Options and Best Deployment Practices | 269 |
Summary | 295 |
Common Application Design Considerations | 299 |
DNS | 304 |
FTP | 315 |
Identity Design Considerations | 321 |
Role of Identity in Secure Networking | 329 |
Identity Deployment Recommendations | 348 |
IPsec VPN Design Considerations | 353 |
IPsec Modes of Operation and Security Options | 357 |
Impact of Network Security on the Entire Design | 464 |
Summary | 475 |
Secure Network Designs | 479 |
Medium Network Edge Security Design | 500 |
HighEnd Resilient Edge Security Design | 512 |
Provisions for ECommerce and Extranet Design | 526 |
Campus Security Design | 535 |
Small Network Campus Security Design | 543 |
Medium Network Campus Security Design | 549 |
HighEnd Resilient Campus Security Design | 557 |
Teleworker Security Design | 571 |
HardwareBased Teleworker Design | 579 |
Summary | 585 |
Network Management Case Studies and Conclusions | 589 |
Secure Network Management and Network Security Management | 591 |
Case Studies | 635 |
Conclusions | 663 |
Appendix B Answers to Applied Knowledge Questions | 679 |
Sample Security Policies | 699 |
713 | |