Self-Defending Networks: The Next Generation of Network Security

by Duane De Capite
     
 


ISBN-10: 1587052539

ISBN-13: 9781587052538

Pub. Date: 09/14/2006

Publisher: Cisco Press


Overview

Protect your network with self-regulating network security solutions that combat both internal and external threats.

  • Provides an overview of the security components used to design proactive network security
  • Helps network security professionals understand what the latest tools and techniques can do and how they interact
  • Presents detailed information on how to use integrated management to increase security
  • Includes a design guide with step-by-step implementation instructions

Self-Defending Networks: The Next Generation of Network Security helps networking professionals understand how to deploy an end-to-end, integrated network security solution. It presents a clear view of the various components that can be used throughout the network to not only monitor traffic but to allow the network itself to become more proactive in preventing and mitigating network attacks. This security primer provides unique insight into the entire range of Cisco security solutions, showing what each element is capable of doing and how all of the pieces work together to form an end-to-end Self-Defending Network. While other books tend to focus on individual security components, providing in-depth configuration guidelines for various devices and technologies, Self-Defending Networks instead presents a high-level overview of the entire range of technologies and techniques that comprise the latest thinking in proactive network security defenses. This book arms network security professionals with the latest information on the comprehensive suite of Cisco security tools and techniques. Network Admission Control, Network Infection Containment, Dynamic Attack Mitigation, DDoS Mitigation, Host Intrusion Prevention, and Integrated Security Management are all covered, providing the most complete overview of various security systems. It focuses on leveraging integrated management, rather than including a device-by-device manual to implement self-defending networks.

Product Details

ISBN-13: 9781587052538
Publisher: Cisco Press
Publication date: 09/14/2006
Series: Networking Technology: Security Series
Edition description: New Edition
Pages: 239
Product dimensions: 7.42(w) x 9.30(h) x 0.68(d)


Table of Contents

Foreword

Introduction

Chapter 1 Understanding Types of Network Attacks and Defenses

Categorizing Network Attacks

Virus

Worm

Trojan Horse

Denial-of-Service

Distributed Denial-of-Service

Spyware

Phishing

Understanding Traditional Network Defenses

Router Access Lists

Firewalls

Intrusion Detection Systems

Virtual Private Networks

Antivirus Programs

Introducing Cisco Self-Defending Networks

DDoS Mitigation

Intrusion Prevention Systems

Adaptive Security Appliance

Incident Control Service

Network Admission Control

IEEE 802.1x

Host Intrusion Prevention: CSA

Cisco Security Centralized Management

Summary

References

Chapter 2 Mitigating Distributed Denial-of-Service Attacks

Understanding Types of DDoS Attacks

DDoS Mitigation Overview

Using Cisco Traffic Anomaly Detector

Configuring the Traffic Anomaly Detector

Zone Creation

Traffic Anomaly Detector Zone Filters

Policy Template

Learning Phase

Detecting and Reporting Traffic Anomalies

Configuring Cisco Guard

Bootstrapping

Zone Creation and Synchronization

Cisco Guard Zone Filters

Zone Traffic Diversion

Learning Phase

Activating Zone Protection

Generating Attack Reports

Summary

References

Chapter 3 Cisco Adaptive Security Appliance Overview

Antispoofing

Intrusion Prevention Service

Launch ASDM for IPS Configuration

Configure Service Policy Rules

Define IPS Signatures

Protocol Inspection Services

HTTP Inspection Engine

TCP Map

HTTP Map

Configuring Content Security and Control Security

Content Security and Control Services Module (CSC-SSM) Setup

Web

URL Blocking

URL Filtering

Scanning

File Blocking

Mail

Scanning

Antispam

Content Filtering

File Transfer

Summary

References

Chapter 4 Cisco Incident Control Service

Implementing Outbreak Management with Cisco ICS

Outbreak Management Summary

Information and Statistics on Network Threats from Trend Micro

New Outbreak Management Task

Outbreak Settings

Displaying Outbreak Reports

OPACL Settings

Exception List

Report Settings

Watch List Settings

Automatic Outbreak Management Task

Displaying Devices

Device List

Add Device

Viewing Logs

Incident Log Query

Event Log Query

Outbreak Log Query

Log Maintenance

Summary

References

Chapter 5 Demystifying 802.1x

Fundamentals of 802.1x

Introducing Cisco Identity-Based Networking Services

Machine Authentication

802.1x and NAC

Using EAP Types

EAP MD5

EAP TLS

LEAP

PEAP

EAP FAST

VPN and 802.1x

Summary

References

Chapter 6 Implementing Network Admission Control

Network Admission Control Overview

NAC Framework Benefits

NAC Framework Components

Endpoint Security Application

Posture Agent

Network Access Devices

Policy Server

Management and Reporting Tools

Operational Overview

Network Admission for NAC-enabled Endpoints

Endpoint Attempts to Access the Network

NAD Notifies Policy Server

Cisco Secure ACS Compares Endpoint to NAC Policy

Cisco Secure ACS Forwards Information to Partner Policy Servers

Cisco Secure ACS Makes a Decision

Cisco Secure ACS Sends Enforcement Actions

NAD Enforces Actions

Posture Agent Actions

Endpoint Polled for Change of Compliance

Revalidation Process

Network Admission for NAC Agentless Hosts

Deployment Models

LAN Access Compliance

WAN Access Compliance

Remote Access Compliance

Summary

References

Chapter 7 Network Admission Control Appliance

NAC Appliance Features

NAC Appliance Manager

Device Management

CCA Servers

Filters

Clean Access

Switch Management

User Management

Monitoring

Administration

Summary

References

Chapter 8 Managing the Cisco Security Agent

Management Center for Cisco Security Agents

Deploying Cisco Secure Agent Kits

Displaying the End-Station Hostname in the Device Groups

Reviewing Policies

Attaching Rules to a Policy

Generating and Deploying Rules

Using Event Monitor

Running Cisco Security Agent Analysis

Cisco Security Agent

Status

System Security

Summary

References

Chapter 9 Cisco Security Manager

Getting Started

Device View

Add Device

Configure Access Control Lists (ACLs) from Device View

Configuring Interface Roles

Apply Access Control List (ACL) Rules to Multiple Devices

Invoking the Policy Query

Using Analysis and Hit Count Functions

Map View

Showing Devices on the Topology Map

Adding Cloud Networks and Hosts to the Topology Map

Configuring Firewall Access Control List (ACLs) Rules from Topology Map

Policy View

Access Control List (ACL) Rules Security Policy

Policy Inheritance and Mandatory Security Policies

IPS Management

Object Manager

Value Override Per Device

Summary

References

Chapter 10 Cisco Security Monitoring, Analysis, and Response System

Understanding Cisco Security MARS Features

Summary Dashboard

Incidents

Displaying Path of Incident and Mitigating the Attack

Hotspot Graph and Attack Diagram

Rules

Query/Reports

Management

Admin

Cisco Security Manager Linkages

Summary

References

1587052539, TOC, 8/14/2006
