Managing Cisco Network Security
2nd Edition
Published on 29. May 2002
752 pages
978-0-08-047905-7 (ISBN)
Description
An in-depth knowledge of how to configure Cisco IP network security is a MUST for anyone working in today's internetworked world
"There's no question that attacks on enterprise networks are increasing in frequency and sophistication..." -Mike Fuhrman, Cisco Systems Manager, Security Consulting
Managing Cisco Network Security, Second Edition offers updated and revised information covering many of Cisco's security products that provide protection from threats, detection of network security incidents, measurement of vulnerability and policy compliance and management of security policy across an extended organization. These are the tools that network administrators have to mount defenses against threats. Chapters also cover the improved functionality and ease of the Cisco Secure Policy Manger software used by thousands of small-to-midsized businesses and a special section on the Cisco Aironet Wireless Security Solutions.
- Security from a real-world perspective
- Key coverage of the new technologies offered by the Cisco including: 500 series of Cisco PIX Firewall, Cisco
- Intrusion Detection System, and the Cisco Secure Scanner
- Revised edition of a text popular with CCIP (Cisco Certified Internetwork Professional) students
- Expanded to include separate chapters on each of the security products offered by Cisco Systems
More details
Other editions
Additional editions
Syngress
Managing Cisco Network Security
Book
05/2002
2nd Edition
Syngress
€70.75
Article exhausted; check different version
Content
Chapter 1 Introduction to IP Network SecurityIntroductionWhat Role Does Security Play in a Network?GoalsPhilosophyWhat if I Don't Deploy Security?The Fundamentals of NetworkingWhere Does Security Fit in?Network Access Layer SecurityInternetwork Layer SecurityHost-to-Host Layer Security?Process Application Layer SecurityAuthenticationOSI ModelHow the OSI Model WorksComposition of a Data PacketSecurity in TCP/IPCisco IP Security Hardware and SoftwareThe Cisco Secure PIX FirewallCisco Secure Integrated SoftwareCisco Secure Integrated VPN SoftwareThe Cisco Secure VPN ClientCisco Secure Access Control ServerCisco Secure ScannerCisco Secure Intrusion Detection SystemCisco Secure Policy ManagerCisco Secure Consulting ServicesSummarySolutions Fast TrackFrequently Asked QuestionsChapter 2 What are We Trying to Prevent?IntroductionWhat Threats Face Your Network?Loss of ConfidentialityLoss of IntegrityLoss of AvailabilitySources of ThreatsMalicious Mobile CodeTrojan HorsesVirusesWormsCurrent Malicious Code ThreatsCurrent Malicious Code ImpactsDenial of ServiceThe Smurf AttackThe SYN Flood AttackDistributed Denial of Service (DDoS) AttacksDetecting BreachesInitial Detectionare Forensics Important?What are the Key Steps after a Breachis Detected?Preventing AttacksReducing VulnerabilitiesProviding a Simple Security Network ArchitectureDeveloping a Culture of SecurityDeveloping a Security PolicySummarySolutions Fast TrackFrequently Asked QuestionsChapter 3 Cisco PIX FirewallIntroductionOverview of the Security FeaturesDifferences between PIX OS Version 4.x and Version 5.xDifferences between PIX OS Version 6.0 and Version 5.xInitial ConfigurationInstalling the PIX SoftwareThe Command-Line InterfaceIP ConfigurationConfiguring NAT and PATPermit Traffic ThroughSecurity Policy ConfigurationSecurity StrategiesIdentify the Security Services to ImplementImplementing the Network Security PolicyConfidentiality Configuration in PIXPIX Configuration ExamplesProtecting a Private NetworkProtecting a Network Connected to the InternetProtecting Server Access Using AuthenticationProtecting Public Servers Connected to the InternetSecuring and Maintaining the PIXSystem JournalingSecuring the PIXSummarySolutions Fast TrackFrequently Asked QuestionsChapter 4 Traffic Filtering in the Cisco Internetwork Operating SystemIntroductionAccess ListsAccess List Operation Types of Access ListsStandard IP Access ListsExtended IP Access ListsNamed Access ListsEditing Access ListsProblems with Access ListsLock-and-key Access ListsReflexive Access ListsBuilding Reflexive Access ListsApplying Reflexive Access ListsContext-based Access ControlThe Context-based Access Control ProcessConfiguring Context-based Access ControlInspection RulesApplying the Inspection RuleConfiguring Port to Application MappingConfiguring PAMProtecting a Private NetworkProtecting a Network Connected to the InternetProtecting Server Access Using Lock-and-keyProtecting Public Servers Connected to the InternetSummarySolutions Fast TrackFrequently Asked QuestionsChapter 5 Network Address Translation/Port Address TranslationIntroductionNAT OverviewAddress RealmRFC 1918 Private AddressingNATTransparent Address AssignmentTransparent RoutingPublic, Global, and External NetworksPrivate and Local NetworksApplication Level GatewaysNAT ArchitecturesTraditional NAT or Outbound NATPort Address TranslationStatic NATTwice NATGuidelines for Deploying NAT and PATIOS NAT Support for IP TelephonyH.
