skip to content
Network security principles and practices Preview this item
ClosePreview this item

Network security principles and practices

Author: Saadat Malik; Safari Tech Books Online.
Publisher: Indianapolis, Ind. : Cisco, 2003.
Edition/Format:   Computer file : EnglishView all editions and formats

Offering solutions for securing network infrastructures and VPNs, this book provides a review of topics important to achieving CCIE Security certification. Security aspects of routing protocols,  Read more...


(not yet rated) 0 with reviews - Be the first.

More like this

Find a copy online

Links to this item

Find a copy in the library

&AllPage.SpinnerRetrieving; Finding libraries that hold this item...


Genre/Form: Study guides
Material Type: Internet resource
Document Type: Internet Resource, Computer File
All Authors / Contributors: Saadat Malik; Safari Tech Books Online.
OCLC Number: 873842463
Notes: Made available through: Safari Books Online, LLC.
Mode of access: World Wide Web.
Reproduction Notes: Electronic reproduction Available via World Wide Web Boston, MA : Safari.
Description: xxvii, 774 p. S. ; 24 cm
Contents: (NOTE: Each chapter concludes with a Summary and Review Questions.)Foreword. Introduction. I. INTRODUCTION TO NETWORK SECURITY. 1. An Introduction to Network Security. Implementing a Network Security Policy. Network Security Architecture Implementation. Audit and Improvement. Case Study.II. BUILDING SECURITY INTO THE NETWORK. 2. Defining Security Zones. An Introduction to Security Zones. Designing a Demilitarized Zone. Case Study: Creating Zones Using the PIX Firewall.3. Device Security. Physical Security. Device Redundancy. Router Security. PIX Firewall Security. Switch Security.4. Secure Routing. Building Security into Routing Design. Router and Route Authentication. Directed Broadcast Control. Black Hole Filtering. Unicast Reverse Path Forwarding. Path Integrity. Case Study: Securing the BGP Routing Protocol. Case Study: Securing the OSPF Routing Protocol.5. Secure LAN Switching. General Switch and Layer 2 Security. Port Security. IP Permit Lists. Protocol Filtering and Controlling LAN Floods. Private VLANs on the Catalyst 6000. Port Authentication and Access Control Using the IEEE 802.1x Standard.6. Network Address Translation and Security. Security Benefits of Network Address Translation. Disadvantages of Relying on NAT for Security.III. FIREWALLS. 7. What Are Firewalls? Firewalls. Types of Firewalls. Positioning of Firewalls.8. PIX Firewall. Adaptive Security Algorithm. Basic Features of the PIX Firewall. Advanced Features of the PIX Firewall. Case Studies.9. IOS Firewall. Context-Based Access Control. Features of IOS Firewall. Case Study: CBAC on a Router Configured with NAT.IV. VIRTUAL PRIVATE NETWORKS. 10. The Concept of VPNs. VPNs Defined. VPN Types Based on Encryption Versus No-Encryption. VPN Types Based on OSI Model Layer. VPN Types Based on Business Functionality.11. GRE. GRE. Case Studies.12. L2TP. Overview of Layer 2 Tunneling Protocol. Functional Details of L2TP. Case Studies.13. IPsec. Types of IPsec VPNs. Composition of IPsec. Introduction to IKE. IPsec Negotiation Using the IKE Protocol. IKE Authentication Mechanisms. Encryption and Integrity-Checking Mechanisms in IPsec. Packet Encapsulation in IPsec. IKE Enhancements for Remote-Access Client IPsec. IPsec Dead Peer Discovery Mechanism. Case Studies.V. INTRUSION DETECTION. 14. What Is Intrusion Detection? The Need for Intrusion Detection. Types of Network Attacks Based on Mode of Attack. Types of Network Attacks Based on the Attacks Perpetrator. Common Network Attacks. The Process of Detecting Intrusions. Case Study: Kevin Metnicks Attack on Tsutomu Shimomuras Computers and How IDS Could Have Saved the Day.15. Cisco Secure Intrusion Detection. Components of the Cisco Secure IDS. Construction of the Management Console. Construction of the Sensor. Responses to Intrusions. Types of Signatures. Using a Router, PIX, or IDSM as a Sensor. Case Studies.VI. NETWORK ACCESS CONTROL. 16. AAA. Definitions of AAA Components. An Introduction to Authentication. Setting up Authentication. An Introduction to Authorization. Setting up Authorization. An Introduction to Accounting. Setting up Accounting. Case Studies.17. TACACS+. Introduction to TACACS+. TACACS+ Communications Architecture. TACACS+ Header Format. TACACS+ Packet Encryption. Authentication in TACACS+. Authorization in TACACS+. Accounting in TACACS+.18. RADIUS. Introduction to RADIUS. RADIUS Communications Architecture.19. Special Cases of Using AAA for Implementing Security Features. Using AAA to Provide Preshared Keys for IPsec. Using AAA for X-Auth in ISAKMP. Using AAA for Auth-Proxy. Using AAA for VPDN. Using AAA for Lock and Key. Using AAA for Command Authorization.VII. SERVICE PROVIDER SECURITY. 20. Benefits and Challenges of Service Provider Security. Motivation for Having Service Provider Security. Challenges of Implementing Security at the Service Provider Level. Key Components of Service Provider Security.21. Using Access Control Lists Effectively. Overview of Access Control Lists. Using ACLs to Stop Unauthorized Access. Using ACLs to Recognize Denial of Service Attacks. Using ACLs to Stop Denial of Service Attacks. IP Fragment Handling by ACLs. Performance Impact of ACLs. Turbo ACLs. NetFlow Switching and ACLs.22. Using NBAR to Identify and Control Attacks. Overview of NBAR. Using NBAR to Classify Packets. Using NBAR to Counter Network Attacks. Using PDLM in Conjunction with NBAR to Classify Network Attacks. Performance Impact of Using NBAR-Based Access Control Techniques. Case Study: The Code Red Worm and NBAR.23. Using CAR to Control Attacks. Overview of CAR. Using CAR to Rate-Limit or Drop Excessive Malicious Traffic. Case Study: Using CAR to Limit DDoS Attacks.VIII. TROUBLESHOOTING. 24. Troubleshooting Network Security Implementations. Troubleshooting NAT. Troubleshooting PIX Firewalls. Troubleshooting IOS Firewalls. Troubleshooting IPsec VPNs. Troubleshooting Intrusion Detection. Troubleshooting AAA.IX. APPENDIXES. Appendix A. Answers to Review Questions. Appendix B. SAFE: A Security Blueprint for Enterprise Networks White Paper. Bibliography. Index.
Responsibility: Saadat Malik.


User-contributed reviews
Retrieving GoodReads reviews...
Retrieving DOGObooks reviews...


Be the first.
Confirm this request

You may have already requested this item. Please select Ok if you would like to proceed with this request anyway.

Linked Data

Primary Entity

<> # Network security principles and practices
    a schema:CreativeWork, bgn:ComputerFile ;
   library:oclcnum "873842463" ;
   library:placeOfPublication <> ; # Indianapolis, Ind.
   library:placeOfPublication <> ;
   schema:about <> ; # Computersicherheit
   schema:about <> ; # Electronic books / local
   schema:about <> ;
   schema:about <> ; # Computer networks--Security measures--Examinations
   schema:about <> ; # Rechnernetz
   schema:about <> ; # Computer networks--Security measures
   schema:contributor <> ; # Safari Tech Books Online.
   schema:creator <> ; # Saadat Malik
   schema:datePublished "2003" ;
   schema:exampleOfWork <> ;
   schema:genre "Study guides" ;
   schema:inLanguage "en" ;
   schema:isSimilarTo <> ;
   schema:name "Network security principles and practices" ;
   schema:numberOfPages "774" ;
   schema:productID "873842463" ;
   schema:publication <> ;
   schema:publisher <> ; # Cisco
   schema:url <> ;
   schema:url <> ;
   wdrs:describedby <> ;

Related Entities

<> # Safari Tech Books Online.
    a schema:Organization ;
   schema:name "Safari Tech Books Online." ;

<> # Saadat Malik
    a schema:Person ;
   schema:familyName "Malik" ;
   schema:givenName "Saadat" ;
   schema:name "Saadat Malik" ;

<> # Indianapolis, Ind.
    a schema:Place ;
   schema:name "Indianapolis, Ind." ;

<> # Electronic books / local
    a schema:Thing ;
   schema:name "Electronic books / local" ;

<> # Computer networks--Security measures
    a schema:Intangible ;
   schema:name "Computer networks--Security measures" ;

<> # Computer networks--Security measures--Examinations
    a schema:Intangible ;
   schema:name "Computer networks--Security measures--Examinations" ;

<> # Computersicherheit
    a schema:Intangible ;
   schema:name "Computersicherheit" ;

Content-negotiable representations

Close Window

Please sign in to WorldCat 

Don't have an account? You can easily create a free account.