Preface | xiii | |
PART ONE Foundations of Network Security | 1 | (148) |
Chapter 1 Fundamentals of Network Security | 2 | (41) |
What Is Network Security? | 4 | (3) |
| 4 | (2) |
Who---or What---Is Trustworthy? | 6 | (1) |
What Are Security Objectives? | 6 | (1) |
What Are You Trying to Protect? | 7 | (3) |
Seven Domains of a Typical IT Infrastructure | 9 | (1) |
Goals of Network Security | 10 | (1) |
How Can You Measure the Success of Network Security? | 10 | (1) |
Why Are Written Network Security Policies Important? | 11 | (1) |
| 11 | (1) |
Who Is Responsible for Network Security? | 12 | (1) |
Examples of Network Infrastructures and Related Security Concerns | 13 | (8) |
| 13 | (2) |
| 15 | (1) |
| 15 | (1) |
| 16 | (1) |
Thin Clients and Terminal Services | 17 | (1) |
Remote Control, Remote Access, and VPN | 17 | (2) |
| 19 | (1) |
Strengths and Weaknesses of Network Design | 20 | (1) |
Enhancing the Security of Wired Versus Wireless LAN Infrastructures | 21 | (1) |
Internal and External Network Issues | 22 | (2) |
Common Network Security Components Used to Mitigate Threats | 24 | (19) |
| 24 | (1) |
| 25 | (2) |
| 27 | (1) |
| 28 | (1) |
| 28 | (1) |
Network Address Translation | 29 | (3) |
Routers, Switches, and Bridges | 32 | (4) |
| 36 | (1) |
| 37 | (1) |
Intrusion Detection Systems and Intrusion Prevention Systems | 37 | (1) |
| 38 | (1) |
| 39 | (1) |
| 39 | (1) |
| 40 | (3) |
Chapter 2 Firewall Fundamentals | 43 | (36) |
| 44 | (8) |
| 47 | (5) |
Why Do You Need a Firewall? | 52 | (4) |
| 56 | (1) |
How Firewalls Work and What Firewalls Do | 57 | (4) |
| 61 | (5) |
| 62 | (2) |
| 64 | (1) |
| 64 | (1) |
| 65 | (1) |
| 66 | (2) |
Ingress and Egress Filtering | 68 | (1) |
| 69 | (3) |
| 69 | (1) |
Stateful Inspection and Dynamic Packet Filtering | 69 | (1) |
Network Address Translation (NAT) | 70 | (1) |
| 70 | (1) |
| 71 | (1) |
| 72 | (1) |
Software Versus Hardware Firewalls | 72 | (1) |
IPv4 Versus IPv6 Firewalls | 73 | (1) |
Dual-Homed and Triple-Homed Firewalls | 73 | (1) |
| 74 | (5) |
| 75 | (1) |
| 75 | (1) |
| 76 | (3) |
Chapter 3 VPN Fundamentals | 79 | (32) |
What Is a Virtual Private Network? | 80 | (5) |
What Are the Benefits of Deploying a VPN? | 85 | (2) |
What Are the Limitations of a VPN? | 87 | (7) |
What Are Effective VPN Policies? | 89 | (1) |
VPN Deployment Models and Architecture | 89 | (5) |
Tunnel Versus Transport Mode | 94 | (1) |
The Relationship Between Encryption and VPNs | 94 | (10) |
| 95 | (1) |
| 96 | (4) |
| 100 | (4) |
What Is VPN Authentication? | 104 | (1) |
| 105 | (6) |
| 107 | (1) |
| 107 | (1) |
| 108 | (3) |
Chapter 4 Network Security Threats and Issues | 111 | (38) |
| 113 | (1) |
Favorite Targets of Hackers | 114 | (2) |
Threats from Internal Personnel and External Entities | 116 | (9) |
| 119 | (6) |
| 125 | (1) |
Common IT Infrastructure Threats | 125 | (2) |
Hardware Failures and Other Physical Threats | 125 | (1) |
| 126 | (1) |
Accidents and Intentional Concerns | 127 | (1) |
| 127 | (3) |
Advanced Persistent Threat | 130 | (1) |
| 130 | (1) |
| 131 | (1) |
| 132 | (1) |
| 132 | (1) |
| 133 | (1) |
Fragmentation Attacks, Buffer Overflows, and XSS Attacks | 134 | (1) |
| 134 | (1) |
| 135 | (1) |
XSS (Cross-Site Scripting) Attacks | 135 | (1) |
Man-in-the-Middle, Session Hijacking, and Spoofing Attacks | 135 | (4) |
Man-in-the-Middle Attacks | 135 | (2) |
| 137 | (1) |
| 138 | (1) |
| 139 | (2) |
Network and Resource Availability Threats | 141 | (1) |
| 141 | (1) |
Distributed Denial of Service (DDoS) | 142 | (1) |
| 143 | (1) |
| 144 | (5) |
| 145 | (1) |
| 146 | (1) |
| 147 | (2) |
PART TWO Technical Overview of Network Security, Firewalls, and VPNs | 149 | (224) |
Chapter 5 Network Security Implementation | 150 | (31) |
Seven Domains of a Typical IT Infrastructure | 151 | (2) |
Network Design and Defense in Depth | 153 | (4) |
| 157 | (2) |
Common Types of Addressing | 159 | (2) |
| 161 | (1) |
Controlling Communication Pathways | 161 | (4) |
| 165 | (1) |
| 166 | (2) |
Authentication, Authorization, and Accounting | 168 | (2) |
| 170 | (1) |
Hosts: Local-Only or Remote and Mobile | 171 | (1) |
| 172 | (1) |
| 173 | (8) |
| 173 | (1) |
| 174 | (1) |
| 174 | (1) |
| 175 | (1) |
| 176 | (2) |
| 178 | (1) |
| 178 | (1) |
| 179 | (2) |
Chapter 6 Network Security Management | 181 | (31) |
Network Security Management Best Practices | 182 | (7) |
Fail-Secure, Fail-Open, and Fail-Close Options | 189 | (1) |
| 190 | (1) |
| 191 | (1) |
| 191 | (1) |
Trapping Intruders and Violators | 191 | (1) |
Why Containment Is Important | 192 | (1) |
Imposing Compartmentalization | 192 | (1) |
Using Honeypots, Honeynets, and Padded Cells | 193 | (1) |
Essential Host Security Controls | 193 | (2) |
| 195 | (1) |
User Training and Awareness | 196 | (3) |
Network Security Management Tools | 199 | (1) |
| 200 | (2) |
Network Security Troubleshooting | 202 | (2) |
| 204 | (1) |
| 205 | (1) |
| 206 | (1) |
| 207 | (1) |
| 207 | (1) |
Post-Mortem Assessment Review | 208 | (4) |
| 209 | (1) |
| 209 | (1) |
| 210 | (2) |
Chapter 7 Firewall Basics | 212 | (35) |
| 213 | (10) |
Authentication, Authorization, and Accounting | 223 | (3) |
| 226 | (2) |
Understanding and Interpreting Firewall Logs and Alerts | 228 | (4) |
| 232 | (1) |
| 233 | (3) |
| 236 | (2) |
The Downside of Encryption with Firewalls | 238 | (1) |
| 239 | (2) |
| 241 | (6) |
| 244 | (1) |
| 244 | (1) |
| 245 | (2) |
Chapter 8 Firewall Deployment Considerations | 247 | (27) |
What Should You Allow and What Should You Block? | 248 | (3) |
Common Security Strategies for Firewall Deployments | 251 | (8) |
Security Through Obscurity | 251 | (1) |
| 252 | (1) |
| 253 | (1) |
| 254 | (1) |
| 255 | (2) |
| 257 | (1) |
| 257 | (1) |
| 258 | (1) |
Forced Universal Participation | 258 | (1) |
Essential Elements of a Firewall Policy | 259 | (2) |
Software and Hardware Options for Firewalls | 261 | (1) |
Benefit and Purpose of Reverse Proxy | 262 | (1) |
Use and Benefit of Port-Forwarding | 263 | (1) |
Considerations for Selecting a Bastion Host OS | 263 | (2) |
Constructing and Ordering Firewall Rules | 265 | (1) |
Evaluating Needs and Solutions in Designing Security | 266 | (2) |
What Happens When Security Gets in the Way of Doing Business? | 268 | (6) |
| 270 | (1) |
| 270 | (1) |
| 271 | (3) |
Chapter 9 Firewall Management and Security | 274 | (26) |
Best Practices for Firewall Management | 275 | (4) |
Security Measures in Addition to a Firewall | 279 | (2) |
Selecting the Right Firewall for Your Needs | 281 | (1) |
The Difference Between Buying and Building a Firewall | 282 | (1) |
Mitigating Firewall Threats and Exploits | 283 | (4) |
Concerns Related to Tunneling Through or Across a Firewall | 287 | (2) |
Testing Firewall Security | 289 | (1) |
Important Tools for Managing and Monitoring a Firewall | 290 | (2) |
Troubleshooting Firewalls | 292 | (3) |
Proper Firewall Implementation Procedure | 295 | (1) |
| 296 | (4) |
| 297 | (1) |
| 297 | (1) |
| 297 | (3) |
Chapter 10 Using Common Firewalls | 300 | (22) |
Individual and Small Office/Home Office (SOHO) Firewall Options | 301 | (4) |
Uses for a Host Software Firewall | 305 | (2) |
Examples of Software Firewall Products | 306 | (1) |
Using Windows 7's Host Software Firewall | 307 | (2) |
Using a Linux Host Software Firewall | 309 | (1) |
Managing the Firewall on an ISP Connection Device | 310 | (5) |
Converting a Home Router into a Firewall | 311 | (4) |
Commercial Software Network Firewalls | 315 | (1) |
Open-Source Software Network Firewalls | 315 | (1) |
| 316 | (2) |
| 318 | (1) |
Simple Firewall Techniques | 318 | (4) |
| 319 | (1) |
| 320 | (1) |
| 320 | (2) |
Chapter 11 VPN Management | 322 | (29) |
VPN Management Best Practices | 323 | (5) |
| 328 | (2) |
Developing a VPN Deployment Plan | 330 | (5) |
| 331 | (1) |
Internally Connected Deployment | 332 | (1) |
| 332 | (3) |
| 335 | (5) |
Commercial or Open Source VPNs | 340 | (1) |
Differences Between Personal and Enterprise VPNs | 340 | (1) |
Balancing Anonymity and Privacy | 341 | (1) |
Protecting VPN Security to Support Availability | 341 | (1) |
The Importance of User Training | 342 | (1) |
| 343 | (8) |
| 348 | (1) |
| 348 | (1) |
| 349 | (2) |
Chapter 12 VPN Technologies | 351 | (22) |
Differences Between Software and Hardware Solutions | 352 | (2) |
| 353 | (1) |
| 353 | (1) |
Differences Between Layer 2 and Layer 3 VPNs | 354 | (1) |
Internet Protocol Security (IPSec) | 355 | (2) |
Layer 2 Tunneling Protocol (L2TP) | 357 | (1) |
Secure Sockets Layer (SSL)/Transport Layer Security (TLS) | 358 | (3) |
| 360 | (1) |
Secure Shell (SSH) Protocol | 361 | (1) |
Establishing Performance and Stability for VPNs | 362 | (2) |
| 362 | (2) |
| 364 | (1) |
Using VPNs with Network Address Translation (NAT) | 364 | (2) |
| 366 | (2) |
| 366 | (1) |
| 367 | (1) |
Differences Between Internet Protocol Version 4 (IPv4) and Internet Protocol Version 6 (IPv6) | 368 | (5) |
The TCP/IP Protocol Suite | 368 | (1) |
| 368 | (1) |
| 369 | (1) |
| 370 | (1) |
| 370 | (1) |
| 371 | (1) |
| 371 | (2) |
PART THREE Implementation, Resources, and the Future | 373 | (68) |
Chapter 13 Firewall Implementation | 374 | (20) |
Constructing, Configuring, and Managing a Firewall | 375 | (1) |
| 375 | (2) |
Examining Your Network and Its Security Needs | 377 | (7) |
| 377 | (2) |
| 379 | (1) |
Firewall Design and Implementation Guidelines | 380 | (3) |
| 383 | (1) |
Hardware Requirements for SmoothWall | 384 | (1) |
Planning a Firewall Implementation with SmoothWall | 384 | (2) |
Firewalling a Big Organization: Application-Level Firewall and Package Filtering, a Hybrid System | 385 | (1) |
Firewalling a Small Organization: Packet Filtering or Application-Level Firewall, a Proxy Implementation | 385 | (1) |
Firewalling in a Subnet Architecture | 386 | (1) |
Installing a Firewall with SmoothWall | 386 | (1) |
Configuring a Firewall with SmoothWall | 387 | (1) |
Elements of Firewall Deployment | 388 | (1) |
Performing Testing with SmoothWall | 388 | (1) |
| 389 | (1) |
Additional SmoothWall Features | 390 | (1) |
Firewall Implementation Best Practices | 390 | (4) |
| 391 | (1) |
| 392 | (1) |
| 392 | (2) |
Chapter 14 Real-World VPNs | 394 | (24) |
Operating System-Based VPNs | 395 | (3) |
| 398 | (1) |
Configuring a Typical VPN Appliance | 399 | (1) |
Client-Side Configuration | 399 | (1) |
| 399 | (1) |
Using Remote Control Tools | 400 | (1) |
| 401 | (2) |
The Technology for Remote Use | 401 | (1) |
Choosing Between IPSec and SSL Remote Access VPNs | 402 | (1) |
| 403 | (1) |
| 404 | (1) |
| 404 | (1) |
| 404 | (1) |
DMZ, Extranet, and Intranet VPN Solutions | 405 | (2) |
| 405 | (1) |
| 406 | (1) |
| 407 | (1) |
Online Remote VPN Options | 407 | (1) |
| 407 | (1) |
| 408 | (1) |
| 408 | (1) |
| 408 | (1) |
| 408 | (1) |
| 408 | (1) |
Planning a VPN Implementation | 409 | (6) |
| 410 | (1) |
| 411 | (1) |
| 412 | (1) |
Testing and Troubleshooting | 413 | (2) |
VPN Implementation Best Practices | 415 | (3) |
| 415 | (1) |
| 416 | (1) |
| 416 | (2) |
Chapter 15 Perspectives, Resources, and the Future | 418 | (23) |
What the Future Holds for Network Security, Firewalls, and VPNs | 419 | (5) |
| 420 | (1) |
| 421 | (1) |
| 421 | (1) |
| 421 | (1) |
| 422 | (1) |
| 422 | (1) |
| 423 | (1) |
| 423 | (1) |
| 424 | (1) |
Bring Your Own Device (BYOD) | 424 | (1) |
Resource Sites for Network Security, Firewalls, and VPNs | 424 | (1) |
Tools for Network Security, Firewalls, and VPNs | 425 | (1) |
Commercial Off-the-Shelf (COTS) Software | 425 | (1) |
Open Source Applications and Tools | 426 | (1) |
The Impact of Ubiquitous Wireless Connectivity | 426 | (2) |
Potential Uses of Security Technologies | 428 | (3) |
What Happens When There Is No Perimeter? | 430 | (1) |
Specialized Firewalls Available | 431 | (3) |
Intrusion Detection Systems (IDSs) and Intrusion Prevention Systems (IPSs) | 432 | (2) |
Effect of Honeypots, Honeynets, and Padded Cells | 434 | (1) |
Emerging Network Security Technologies | 435 | (6) |
| 435 | (1) |
VPNs, Firewalls, and Virtualization | 436 | (1) |
| 437 | (1) |
| 437 | (1) |
| 438 | (1) |
| 439 | (1) |
| 439 | (2) |
Appendix A Answer Key | 441 | (2) |
Appendix B Standard Acronyms | 443 | (2) |
Glossary of Key Terms | 445 | (26) |
References | 471 | (4) |
Index | 475 | |