In Stock: Marketplace

Buy from our Authorized Marketplace Sellers

5 new and used from $12.20

Guide to Firewalls and Network Security : Intrusion Detection and VPNs

Guide to Firewalls and Network Security : Intrusion Detection and VPNs

Digital Content Factory Staff (Author)

ISBN-10: 0619130393
ISBN-13: 9780619130398

Available from our Authorized Marketplace Sellers
In our Marketplace:
5 new and used from $12.20
Description
Table of Contents
null
BDS Summary
Aimed at the student and network administrator who need to learn the basics of network firewall security, this book covers basic installation techniques, how to make an intelligent choice of firewall technology and basic firewall troubleshooting.Long Description
Provides comprehensive overview of building and maintaining firewalls in a business environment, and maps to the objectives of CheckPoint?s CCSA certification.Author Affiliation
Greg Holden has developed a following through his ability to teach highly technical subjects to novice and experienced computer users alike. He has written various booksMain Description
Guide to Firewalls and Network Security: Intrusion Detection and VPNs provides a comprehensive look at firewalls and their use with other network security components to secure a local Area Network. The book begins with an introduction to firewalls -- where they fit into a network security program, and how to combine them with DMZs, routers, and VPNs for optimal perimeter security. Next, important topics related to firewalls and network security are discussed, including packet filtering, proxy servers, authentication, encryption, and securing host computers. The last three chapters cover advanced topics such as setting up a VPN, building a firewall and VPN, and performing system administration. The hands-on projects in these chapters utilize a variety of popular VPN and firewall products available today. Book jacket.
Introductionp. xiii
Firewall Planning and Designp. 1
Misconceptions About Firewallsp. 2
What Is a Security Policy?p. 3
What Is a Firewall?p. 3
An Analogy: Security Guard Samp. 4
Firewalls Provide Security Featuresp. 5
Firewalls Provide Protection for Individual Usersp. 5
Firewalls Provide Perimeter Security for Networksp. 6
Firewalls Consist of Multiple Componentsp. 8
Firewalls Confront Many Threats and Perform Many Security Tasksp. 8
Types of Firewall Protectionp. 14
Multilayer Firewall Protectionp. 14
Packet Filteringp. 14
NATp. 18
Application Layer Gatewaysp. 19
Limitations of Firewallsp. 20
Evaluating Firewall Packagesp. 21
Firewall Hardwarep. 21
Software-Only Packagesp. 22
Chapter Summaryp. 24
Key Termsp. 25
Review Questionsp. 28
Hands-on Projectsp. 31
Case Projectsp. 35
Developing a Security Policyp. 37
What Is a Security Policy?p. 38
Why Is a Security Policy Important?p. 39
Setting Goals for an Effective Security Policyp. 40
The Seven Steps to Building a Security Policyp. 41
Developing a Policy Teamp. 41
Determining the Organization's Overall Approach to Securityp. 41
Identifying the Assets To Be Protectedp. 43
Determining What Should Be Audited for Securityp. 45
Identifying Security Risksp. 47
Defining Acceptable Usep. 47
Providing for Remote Accessp. 48
Accounting for What the Firewall Cannot Dop. 49
Other Security Policy Topicsp. 49
Defining Responses to Security Violationsp. 50
Overcoming Administrative Obstaclesp. 50
Educating Employeesp. 51
Presenting and Reviewing the Processp. 52
Amending the Security Policyp. 52
Chapter Summaryp. 52
Key Termsp. 53
Review Questionsp. 53
Hands-on Projectsp. 56
Case Projectsp. 60
Firewall Configuration Strategiesp. 61
Establishing Rules and Restrictions for Your Firewallp. 62
The Role of the Rules Filep. 62
Restrictive Firewallsp. 63
Connectivity-Based Firewallsp. 64
Firewall Configuration Strategies: The 10,000-Foot Overviewp. 65
Scalabilityp. 65
Productivityp. 65
Dealing with IP Address Issuesp. 66
Different Firewall Configuration Strategies You Can Usep. 67
Screening Routerp. 69
Dual-Homed Hostp. 71
Screened Hostp. 71
Two Routers, One Firewallp. 72
DMZ Screened Subnetp. 73
Multiple-Firewall DMZsp. 76
Reverse Firewallsp. 83
Specialty Firewallsp. 83
Approaches that Add Functionality to Your Firewallp. 83
NATp. 84
Encryptionp. 85
Application Proxiesp. 85
VPNsp. 87
Intrusion Detection Systemsp. 87
Chapter Summaryp. 90
Key Termsp. 90
Review Questionsp. 92
Hands-on Projectsp. 95
Case Projectsp. 99
Packet Filteringp. 101
Understanding Packets and Packet Filteringp. 102
Devices That Perform Packet Filteringp. 102
Anatomy of a Packetp. 103
A Quick Tutorial on Packet Filteringp. 106
The Use of Rulesp. 106
Approaches to Packet Filteringp. 108
Stateless Packet Filteringp. 108
Stateful Packet Filteringp. 114
Filtering Based on Packet Contentsp. 116
Setting Specific Packet Filter Rulesp. 117
Packet Filter Rules That Cover Multiple Variationsp. 117
Packet Filter Rules That Cover ICMPp. 118
Packet Filter Rules That Block Ping Packetsp. 118
Packet Filter Rules That Enable Web Accessp. 120
Packet Filter Rules That Enable DNSp. 120
Packet Filter Rules That Enable FTPp. 121
Packet Filter Rules That Enable E-Mailp. 122
Chapter Summaryp. 123
Key Termsp. 124
Review Questionsp. 125
Hands-on Projectsp. 128
Case Projectsp. 132
Working with Proxy Servers and Application-Level Firewallsp. 135
Overview of Proxy Serversp. 136
The Proxy Analogyp. 136
How Proxy Servers Workp. 136
How Proxy Servers Differ From Packet Filtersp. 138
Sample Proxy Server Configurationsp. 138
Goals of Proxy Serversp. 140
Concealing Internal Clientsp. 140
Blocking URLsp. 142
Blocking and Filtering Contentp. 143
E-Mail Proxy Protectionp. 143
Improving Performancep. 144
Ensuring Securityp. 145
Providing User Authenticationp. 146
Redirecting URLsp. 146
Proxy Server Configuration Considerationsp. 146
Providing for Scalabilityp. 147
Working with Client Configurationsp. 147
Working with Service Configurationsp. 148
Creating Filter Rulesp. 149
Recognizing the Single Point of Failurep. 149
Recognizing Buffer Overflow Vulnerabilitiesp. 150
Choosing a Proxy Serverp. 150
Transparent Proxiesp. 150
Nontransparent Proxiesp. 151
SOCKS-Based Proxiesp. 151
Proxy Server-Based Firewalls Comparedp. 153
T.REX Open-Source Firewallp. 153
Squidp. 153
WinGatep. 153
Symantec Enterprise Firewallp. 154
Microsoft Internet Security & Acceleration Serverp. 154
Reverse Proxiesp. 155
When a Proxy Service Isn't the Correct Choicep. 157
Chapter Summaryp. 157
Key Termsp. 158
Review Questionsp. 159
Hands-on Projectsp. 162
Case Projectsp. 169
Authenticating Usersp. 171
The Authentication Process in Generalp. 172
How Firewalls Implement the Authentication Processp. 173
Types of Authentication with Firewallsp. 174
User Authenticationp. 175
Client Authenticationp. 176
Session Authenticationp. 177
Centralized Authenticationp. 178
Kerberos Authenticationp. 179
TACACS+p. 180
Remote Authentication Dial-In User Service (RADIUS)p. 181
TACACS+ and RADIUS Comparedp. 181
Password Security Issuesp. 183
Passwords That Can Be Crackedp. 183
User Error with Passwordsp. 184
Lax Security Habitsp. 184
Password Security Toolsp. 184
One-Time Password Softwarep. 184
The Shadow Password Systemp. 185
Other Authentication Systemsp. 185
Single-Password Systemsp. 186
One-Time Password Systemsp. 186
Certificate-Based Authenticationp. 187
802.1x Wi-Fi Authenticationp. 187
Chapter Summaryp. 189
Key Termsp. 190
Review Questionsp. 192
Hands-on Projectsp. 194
Case Projectsp. 200
Encryption and Firewallsp. 203
Why Your Firewalls Need To Use Encryptionp. 204
Hackers Take Advantage of a Lack of Encryptionp. 204
The Cost of Encryptionp. 205
Preserving Data Integrityp. 206
Maintaining Confidentialityp. 206
Authenticating Network Clientsp. 207
Enabling VPNsp. 207
Digital Certificates and Public and Private Keysp. 207
Digital Certificatesp. 208
Keysp. 210
Analyzing Popular Encryption Schemesp. 216
Symmetric Versus Asymmetric Encryptionp. 216
PGPp. 218
X.509p. 219
X.509 and PGP Comparedp. 220
SSLp. 221
Using IPSec Encryptionp. 221
Understanding IPSecp. 222
Modes of IPSecp. 222
IPSec Protocolsp. 223
Components of IPSecp. 225
Enabling IPSecp. 225
Limitations of IPSecp. 227
Chapter Summaryp. 228
Key Termsp. 228
Review Questionsp. 231
Hands-on Projectsp. 234
Case Projectsp. 241
Choosing a Bastion Hostp. 243
Installing a Bastion Host: General Requirementsp. 244
Selecting the Host Machinep. 245
Do You Need More Than One Machine?p. 245
Memory Considerationsp. 246
Processor Speedp. 246
Choosing the Operating Systemp. 247
Positioning the Bastion Hostp. 248
Physical Locationp. 248
Network Locationp. 250
Securing the Machine Itselfp. 252
Configuring Your Bastion Hostp. 254
Making the Host Defend Itselfp. 254
Selecting Services To Be Providedp. 255
Special Considerations for UNIX Systemsp. 255
Special Considerations for Windows Systemsp. 256
Disabling Accountsp. 257
Disabling Unnecessary Servicesp. 257
Limiting Portsp. 258
Handling Backupsp. 259
Auditing the Bastion Hostp. 260
Connecting the Bastion Hostp. 260
Chapter Summaryp. 261
Key Termsp. 262
Review Questionsp. 263
Hands-on Projectsp. 266
Case Projectsp. 274
Setting Up a Virtual Private Networkp. 277
VPN Components and Operationsp. 278
Components Within VPNsp. 278
Essential Activities of VPNsp. 282
Advantages and Disadvantages of VPNsp. 284
VPNs Extend a Network's Boundariesp. 285
Types of VPNsp. 286
VPN Appliancesp. 286
Software VPN Systemsp. 287
VPN Combinations of Hardware and Softwarep. 288
VPN Combinations of Different Vendors' Productsp. 289
VPN Setupsp. 289
Mesh Configurationp. 289
Hub-and-Spoke Configurationp. 291
Hybrid Configurationp. 292
Configurations and Extranet and Intranet Accessp. 292
Tunneling Protocols Used with VPNsp. 293
IPSec/IKEp. 294
PPTPp. 295
L2TPp. 295
PPP Over SSL/PPP Over SSHp. 295
Enabling Remote Access Connections Within VPNsp. 296
Configuring the Serverp. 297
Configuring Clientsp. 298
VPN Best Practicesp. 298
The Need for a VPN Policyp. 299
Packet Filtering and VPNsp. 299
Auditing and Testing the VPNp. 302
Chapter Summaryp. 303
Key Termsp. 305
Review Questionsp. 306
Hands-on Projectsp. 310
Case Projectsp. 318
Building Your Own Firewallp. 319
Enterprise Versus Desktop Firewallsp. 320
Desktop Firewallsp. 322
Tiny Personal Firewallp. 322
Sygate Firewallsp. 327
ZoneAlarm Firewallsp. 331
Enterprise Firewallsp. 335
Linksysp. 336
Microsoft Internet Security and Acceleration Server 2000p. 337
Chapter Summaryp. 341
Key Termsp. 342
Review Questionsp. 343
Hands-on Projectsp. 346
Case Projectsp. 355
Ongoing Administrationp. 357
Making Your Firewall Meet New Needsp. 358
Verifying Resources Needed by the Firewallp. 358
Identifying New Risksp. 360
Adding Software Updates and Patchesp. 361
Adding Hardwarep. 362
Dealing with Complexity on the Networkp. 363
Adhering to Proven Security Principlesp. 364
Environmental Managementp. 364
BIOS, Boot, and Screen Locksp. 365
Using Remote Management Interfacep. 366
Why Remote Management Tools Are Importantp. 367
Security Concerns with Remote Management Toolsp. 367
Basic Features Required of Remote Management Toolsp. 367
Tracking the Contents of Log Files for Securityp. 368
Preparing Usage Reportsp. 368
Watching for Suspicious Eventsp. 369
Automating Security Checksp. 372
Security Breaches Will Happen!p. 373
Using an Intrusion Detection Systemp. 373
Receiving Security Alertsp. 375
When an Intrusion Occursp. 375
During and After an Intrusionp. 375
Configuring Advanced Firewall Functionsp. 376
Data Cachingp. 376
Hot Standby Redundancyp. 377
Load Balancingp. 378
Filtering Contentp. 380
Chapter Summaryp. 381
Key Termsp. 382
Review Questionsp. 384
Hands-on Projectsp. 387
Case Projectsp. 391
Security Resourcesp. 393
Security-Related Web Sitesp. 394
The Center for Internet Security (www.cisecurity.org/)p. 394
SANS Institute (www.sans.org)p. 394
The Cert Coordination Center (www.cert.org)p. 394
W3C Security Resources (www.w3.org/security)p. 394
Microsoft Security and Privacy (www.microsoft.com/security)p. 395
Anti-Virus Sitesp. 395
Symantec Security Response (http://securityresponse.symantec.com)p. 395
McAfee.com--Anti-Virus (www.mcafee.com)p. 395
Free Online Security Scannersp. 395
Shields UP! Port Scanner (https://grc.com/x/ne.dll?bhObkyd2)p. 395
Broadbandreports.comp. 396
Incident Response Sitesp. 396
Incidents.org (www.incidents.org)p. 396
FIRST (www.first.org)p. 396
Internet Fraud Complaint Center (http://www1.ifccfbi.gov/index.asp)p. 396
Security Certification Sitesp. 397
CompTIA Certification Home Page (www.comptia.org/certification/index.htm)p. 397
Global Information Assurance Certification (GIAC) (www.giac.org)p. 397
(ISC)[superscript 2] (www.isc2.org)p. 397
Background Information on Security Topicsp. 397
SANS Reading Room (http://rr.sans.org)p. 397
SearchSecurity.com (http://searchsecurity.techtarget.com/)p. 398
Internet Firewalls FAQ (www.interhack.net/pubs/fwfaq/)p. 398
Newsletters, Newsgroups, and Mailing Listsp. 398
The Newsgroup (comp.security.firewalls)p. 398
FIRST membership Mailing Lists (www.first.org/docs/mail.html)p. 398
SANS Newsletters (http://server2.sans.org/sansnews)p. 398
CNET Newsletters (http://nl.com.com/general.jsp)p. 399
Glossaryp. 401
Indexp. 413
Table of Contents provided by Ingram. All Rights Reserved.
null
Edition: 2004
Publisher: Course Technology
Binding: Trade Paper
Pages: 433
Size: 7.75" wide x 9.25" long x 1.00" tall
Weight: 1.72 lbs.
Language: English

100% Money Back Guarantee: Wrong item? No problem! Our hassle-free returns policy has you covered. We'll also process your order within 24 hours. Learn more about our shipping policy.


New & Used Books

Cheap textbooks International edition textbooks Books Cash for books DVDs Advanced search Home

Customer Service

Order status Shipping information Returns Buyback help Contact us Customer account home

Booksellers

Bookseller account home Bookseller FAQ Bookseller policy Bookseller signup

TextbooksRus Info

TextbooksRus Marketplace Participation agreement General policies Privacy policy Jobs Affiliates

About TextbooksRus.com

TextbooksRus.com is dedicated to providing customers with the lowest prices on textbooks, trade books and professional books. In addition to low prices, TextbooksRus.com offers a buyback system that is unparalleled by competitors.
© 2002-2010, TextbooksRus.com