Features
- Cover Type: Paperback with 608 pages
- Published by: Syngress
- Edition: 1st Edition March 1, 2004
- Written in: English
- ISBN 10 Number: 1931836019
- ISBN 13 Number: 978-1931836012
-
Book Dimensions:
9 x 7 x 1 inches
- Weighs: 1.7 pounds
Product Description
Security Sage's Guide to Hardening the Network Infrastructure will be the only publication that provides security and Information Technology (IT) professionals an in-depth and comprehensive view of network devices, protocols and architectures. It provides detailed guidance on real-world network threats and exposures. While most network security books focus on ancillary topics, such as operating systems, RDBMS, groupware, and other applications, this book will concentrate strictly on the nuts and bolts of networks, such as routers, firewalls, Intrusion Detection Systems (IDS) and the networking protocols that work in congress with them. It has over 200 pages dedicated to the most up-to-date network layer attacks and mitigation techniques across an wide assortment of vendors and not just the typical attention paid to market leaders such as Cisco and Checkpoint. This expanded breadth will help reach a wider range of network engineers who may not have the budget to purchase and install best-of-breed hardware, but want to know how to make the most out of what they do have. In addition, this book provides detailed network architecture and design techniques to help lessen the impact or feasibility of potential attacks. This book focuses on both perimeter and internal networks, giving IT and security administrators a complete picture of how they should design and protect their enterprises. Other books may concentrate on perimeter security or host configuration yet ignore the infrastructure connecting the two. While others tend to focus on theory and basic security background, this publication will dive right into the content and help provide real solutions to common IT security problems.
Publisher Description
Iron Clad Protection for the Nuts and Bolts of Your Enterprise Network Security Sage's Guide to Hardening the Network Infrastructure provides detailed, hands-on coverage on how use network devices, protocols and design techniques to optimize the security of your Enterprise Network. Unlike most network security books (which tend to focus on the vulnerabilities of operating systems, RDBMS, groupware, and other applications), this book concentrates strictly on the nuts and bolts of networks; including routers, firewalls, Intrusion Detection Systems (IDS) and networking protocols. The book deals with perimeter and internal network segments, as well as the vulnerable infrastructure that connects the two. Short on recycled security theory and long on real examples and solutions, this book is a must have for any serious security or network professional.
Find the IP Addresses Assigned to Your Company
Your perimeter network's Internet Access Points are the only gateway for Internet attackers to enter your network. Do you know where they are?
Make Sense of Network Device Counters
Translate the raw information logged by routers, switches, and firewalls into meaningful trends.
Choose the Right Firewall
Which type, proxy or stateful inspection-is right for your organization? And which vendor's products do the job?
Learn Firewall Hacks from the Inside Out
Understand the differences between protecting against the three primary methods for attacking firewalls: information gathering, denial of service, and remote system compromise.
Configure and Maintain Routers for Optimal Security
Maintain accurate records and archives as your router's configuration and the vendor's operating system evolve.
Understand the Need for Layer 3 Switching
ISO Layer 3, the network layer, creates protocol-based connections between network devices, and switches with Layer 3 functionality now allow the multiple VLANs to communicate. Are you protected?
Protect Against Cisco HTTP and UDP vulnerabilities
Understand why an existing UDP memory leak vulnerability in the Cisco IOS, combined with an HTTP buffer overflow vulnerability, result in an extremely high success rate of exploitation.
Find and Implement the Right Intrusion Detection System for Your Network
How do attackers fool IDS systems and navigate around them? Do you know a Honeypot from a Tarpit? Your Solutions Membership Gives You Access to:
Comprehensive FAQ page that consolidates all of the key points of this book into an easy to search web page
"From the Author" Forum where the authors post timely updates and links to related sites
These Downloadable e-booklets:
Ethereal Packet Sniffing: Writing Capture and Display Filters
Cisco Security Specialist's Guide to Secure Intrusion Detection Systems: Cisco IDS Alarms and Signatures
Check Point Next Generation with Application Intelligence Security Administration: Configuring Virtual Private Networks
Security Assessment: System Information Criticality
Reader ReviewsThe book gives a tour of how to protect your computer network from intrusion. As you might expect, the authors devote substantial space to how you might design the network; often with a firewall and DMZ. Inevitably the firewall will be attacked, so there's a lengthy foray into the various attack vectors and your countermeasures. Variants of a Denial of Service are perhaps the most common attacks. However, there's no analysis of the most virulent form, a Distributed DoS. I found the best strength of the book was its analysis of the various vendors offering products in this field. It's an up to date study of many key vendors. Cisco, Symantec and Novell, of course. But also much smaller entities like Tero and Net Continuum. The authors furnish an independent assessment of each company's main products. Other chapters talk about things like routing protocols and network switching. Important certainly. But you can find this material in other networking books. If you are considering this book, go for its comparative advantage of the vendor studies
Search for books at
