Managing Cisco Network Security
by Syngress

eBook

$62.95 


Overview

An in-depth knowledge of how to configure Cisco IP network security is a MUST for anyone working in today's internetworked world.

"There's no question that attacks on enterprise networks are increasing in frequency and sophistication..." -Mike Fuhrman, Cisco Systems Manager, Security Consulting

Managing Cisco Network Security, Second Edition offers updated and revised information covering many of Cisco's security products that provide protection from threats, detection of network security incidents, measurement of vulnerability and policy compliance, and management of security policy across an extended organization. These are the tools that network administrators have to mount defenses against threats. Chapters also cover the improved functionality and ease of the Cisco Secure Policy Manager software used by thousands of small-to-midsized businesses and a special section on the Cisco Aironet Wireless Security Solutions.

- Security from a real-world perspective
- Key coverage of the new technologies offered by Cisco, including: 500 series of Cisco PIX Firewall, Cisco Intrusion Detection System, and the Cisco Secure Scanner
- Revised edition of a text popular with CCIP (Cisco Certified Internetwork Professional) students
- Expanded to include separate chapters on each of the security products offered by Cisco Systems

Product Details

ISBN-13: 9780080479057
Publisher: Syngress Publishing
Publication date: 05/29/2002
Sold by: Barnes & Noble
Format: eBook
Pages: 752
File size: 12 MB
Note: This product may take a few minutes to download.

About the Author

Edgar Danielyan (CCNP Security, CCDP, CSE, SCNA) is a self-employed consultant, author, and editor specializing in security, UNIX, and internetworking. He has contributed his expertise as a Technical Editor of several books on security and networking including Hack Proofing Linux (Syngress Publishing, ISBN: 1-928994-34-2).

Robert “Woody” Weaver (CISSP) is a Principal Architect and the Field Practice Leader for Security at Callisma.

Larry Chaffin (CCNA, CCDA, CCNA-WAN, CCDP-WAN, CSS1, NNCDS, JNCIS) is a Consultant with Callisma. His specialties include Cisco WAN routers, Cisco PIX Firewall, Cisco VPN, ISP design and implementation, strategic network planning, network architecture and design, and network troubleshooting and optimization. Larry's background includes positions as a Senior LAN/WAN Engineer at WCOM-UUNET, and he also is a freelance sports writer for USA Today and ESPN.

Eric Knipp (CCNP, CCDP, CCNA, CCDA, MCSE, MCP+I) is a Consultant with Callisma. He specializes in IP telephony and convergence, Cisco routers, LAN switches, as well as Microsoft NT, and network design and implementation. He is co-author on the previously published Cisco AVVID and IP Telephony Design and Implementation (Syngress Publishing, ISBN: 1-928994-83-0), and Configuring IPv6 for Cisco IOS (Syngress Publishing, ISBN: 1-928994-84-9).

Jamie Caesar (CCNP) is the Senior Network Engineer for INFO1 Inc., located in Norcross, GA.

Vitaly Osipov (CISSP, CCSA, CCSE) is a Security Specialist and has spent the last five years consulting various companies in Eastern, Central, and Western Europe on information security issues. He is a regular contributor to various infosec-related mailing lists and recently co-authored Check Point NG Certified Security Administrator Study Guide.

C. Tate Baumrucker (CISSP, CCNP, Sun Enterprise Engineer, MCSE) is a Senior Consultant with Callisma. He is responsible for leading engineering teams in the design and implementation of complex and highly available systems infrastructures and networks. Tate is industry recognized as a subject matter expert in security and LAN/WAN support systems such as HTTP, SMTP, DNS, and DHCP.

Brian Browne (CISSP) is a Senior Consultant with Callisma. He provides senior-level strategic and technical security consulting to Callisma clients, has 12 years of experience in the field of information systems security, and is skilled in all phases of the security lifecycle. A former independent consultant, Brian has provided security consulting for multiple Fortune 500 clients, and has been published in Business Communications Review.

Sean Thurston (CCDP, CCNP, MCSE, MCP+I) is a Senior Solution Architect with Siemens Business Services. He provides network and data center design solutions for large-scale deployment. Sean is also a contributing author to Building a Cisco Network for Windows 2000 (Syngress Publishing, ISBN: 1-928994-00-8) and Cisco AVVID & IP Telephony Design and Implementation (Syngress Publishing, ISBN: 1-928994-83-0).

Table of Contents

Chapter 1 Introduction to IP Network Security
Introduction; What Role Does Security Play in a Network?; Goals; Philosophy; What if I Don't Deploy Security?; The Fundamentals of Networking; Where Does Security Fit in?; Network Access Layer Security; Internetwork Layer Security; Host-to-Host Layer Security; Process Application Layer Security; Authentication; OSI Model; How the OSI Model Works; Composition of a Data Packet; Security in TCP/IP; Cisco IP Security Hardware and Software; The Cisco Secure PIX Firewall; Cisco Secure Integrated Software; Cisco Secure Integrated VPN Software; The Cisco Secure VPN Client; Cisco Secure Access Control Server; Cisco Secure Scanner; Cisco Secure Intrusion Detection System; Cisco Secure Policy Manager; Cisco Secure Consulting Services; Summary; Solutions Fast Track; Frequently Asked Questions

Chapter 2 What are We Trying to Prevent?
Introduction; What Threats Face Your Network?; Loss of Confidentiality; Loss of Integrity; Loss of Availability; Sources of Threats; Malicious Mobile Code; Trojan Horses; Viruses; Worms; Current Malicious Code Threats; Current Malicious Code Impacts; Denial of Service; The Smurf Attack; The SYN Flood Attack; Distributed Denial of Service (DDoS) Attacks; Detecting Breaches; Initial Detection; Are Forensics Important?; What are the Key Steps after a Breach is Detected?; Preventing Attacks; Reducing Vulnerabilities; Providing a Simple Security Network Architecture; Developing a Culture of Security; Developing a Security Policy; Summary; Solutions Fast Track; Frequently Asked Questions

Chapter 3 Cisco PIX Firewall
Introduction; Overview of the Security Features; Differences between PIX OS Version 4.x and Version 5.x; Differences between PIX OS Version 6.0 and Version 5.x; Initial Configuration; Installing the PIX Software; The Command-Line Interface; IP Configuration; Configuring NAT and PAT; Permit Traffic Through; Security Policy Configuration; Security Strategies; Identify the Security Services to Implement; Implementing the Network Security Policy; Confidentiality Configuration in PIX; PIX Configuration Examples; Protecting a Private Network; Protecting a Network Connected to the Internet; Protecting Server Access Using Authentication; Protecting Public Servers Connected to the Internet; Securing and Maintaining the PIX; System Journaling; Securing the PIX; Summary; Solutions Fast Track; Frequently Asked Questions

Chapter 4 Traffic Filtering in the Cisco Internetwork Operating System
Introduction; Access Lists; Access List Operation; Types of Access Lists; Standard IP Access Lists; Extended IP Access Lists; Named Access Lists; Editing Access Lists; Problems with Access Lists; Lock-and-key Access Lists; Reflexive Access Lists; Building Reflexive Access Lists; Applying Reflexive Access Lists; Context-based Access Control; The Context-based Access Control Process; Configuring Context-based Access Control; Inspection Rules; Applying the Inspection Rule; Configuring Port to Application Mapping; Configuring PAM; Protecting a Private Network; Protecting a Network Connected to the Internet; Protecting Server Access Using Lock-and-key; Protecting Public Servers Connected to the Internet; Summary; Solutions Fast Track; Frequently Asked Questions

Chapter 5 Network Address Translation/Port Address Translation
Introduction; NAT Overview; Address Realm; RFC 1918 Private Addressing; NAT; Transparent Address Assignment; Transparent Routing; Public, Global, and External Networks; Private and Local Networks; Application Level Gateways; NAT Architectures; Traditional NAT or Outbound NAT; Port Address Translation; Static NAT; Twice NAT; Guidelines for Deploying NAT and PAT; IOS NAT Support for IP Telephony; H.

Introduction

Authentication, authorization, and accounting (AAA) is an architectural framework for providing the independent but related functions of authentication, authorization, and accounting, and is critical to providing secure remote access to both network devices and resources. The AAA framework typically consists of both a client and a server. The AAA client (for example, a router or network access server (NAS)) requests authentication, authorization, and/or accounting services from a AAA server (for instance, a Unix or Windows server with appropriate software) that maintains databases containing the relevant AAA information.

Typically, an AAA framework is effective in three ways:

1. It provides centralized authentication for the administration of a large number of routers. An example is a small- to medium-sized business that has a relatively high ratio of routers to network administrators. Centralized authentication would ease the administrative burden of the routers, but because the number of administrators is low, centralized authorization and accounting would not be beneficial.
2. It provides flexible authorization capabilities. An example is a global enterprise that has a large number of both routers and administrators. Administrative duties might be divided along operational and configuration lines such that the implementation of centralized authorization would be an effective addition to centralized authentication.
3. It provides relevant usage or billing information. An example is a service provider that charges customers based on network usage statistics. In this case, the centralized authentication and authorization would be an effective means of supporting the router and NAS administration, while centralized accounting would provide the business with network usage information for billing.

Examples of AAA happen in everyday life outside of computers and Cisco devices. For instance, when you go to an ATM machine to withdraw money, you must first insert your bank card and enter your personal identification number (PIN). At this point, you are authenticating yourself as someone who has the authority to withdraw money. If both your card and PIN are valid, you are successfully authenticated and can now continue the task of withdrawing money. If you have entered an incorrect PIN number, or your card has been damaged (or stolen) and the criteria cannot be validated, you will not be able to continue. Once authenticated, you will be permitted to perform certain actions, such as withdraw, deposit, check your balance on various accounts, and so on. Based on your identity (your bank card and your PIN), you have been preauthorized to perform certain functions, which include withdrawing your hard-earned money. Finally, once you have completed the tasks that you are authorized to perform, you are then provided with a statement describing your transactions, as well as the remaining balance in your account. The bank will also record your transactions for accounting purposes.

This chapter provides an overview of AAA and its benefits, a description of the RADIUS, TACACS+, and Kerberos security protocols, and a discussion (with examples) of how to configure each of the AAA services on Cisco IOS devices.

Cisco AAA Overview
AAA is comprised of the three independent but related functions of authentication, authorization, and accounting, defined in the following:
· Authentication is the process of identifying and authenticating a user prior to allowing access to network devices and services. User identification and authentication is critical for the accuracy of the authorization and accounting functions.
· Authorization is the process of determining a user’s privileges and access rights after they have been authenticated.
· Accounting is the process of recording user activities for accountability, billing, auditing, or reporting purposes.

In some cases, it may not be necessary to implement all AAA mechanisms. For example, if a company simply wishes to authenticate users when they access a certain resource, authentication would be the only element needed. If a company wishes to create an audit trail to reference which users logged in to the network at what times, authentication and accounting will be needed. Typically, AAA is used in remote access scenarios such as end users dialing into an ISP to access the Internet, or dialing into their company LAN to access resources. Figure 9.1 illustrates a common implementation of AAA.
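
On a Cisco IOS device acting as the AAA client, each of the three functions is enabled by its own command family, so a deployment can stop after authentication or go on to add authorization and accounting, as in the three scenarios listed earlier. The configuration below is an added example, not taken from the book; the TACACS+ server address 192.0.2.10 (a documentation address), the `<SHARED-KEY>` and `<LOCAL-SECRET>` placeholders, and the local account name `admin` are assumptions.

```cisco
! Added example (not from the book). Assumed values: TACACS+ server at
! 192.0.2.10 (documentation address), placeholder key and local secret.
!
! Enable the AAA framework on the AAA client (the router or NAS)
aaa new-model
!
! The AAA server the client sends its requests to
tacacs-server host 192.0.2.10 key <SHARED-KEY>
!
! Local account, used only if the server cannot be reached
username admin privilege 15 secret <LOCAL-SECRET>
!
! --- Authentication (scenario 1: centralized authentication only) ---
aaa authentication login default group tacacs+ local
!
! --- Authorization (scenario 2: adds per-user privileges) ---
aaa authorization exec default group tacacs+ local
aaa authorization commands 15 default group tacacs+ local
!
! --- Accounting (scenario 3: adds usage records) ---
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
!
! Apply the default login method list to remote terminal lines
line vty 0 4
 login authentication default
```

The `local` method is consulted only when the TACACS+ server does not respond; a user the server rejects is not retried against the local database.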