End-to-End Network Security
Contents
Foreword
Introduction
Part I: Introduction to Network Security Solutions
Chapter 1 Overview of Network Security Technologies
Firewalls
Virtual Private Networks (VPN)
Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)
Anomaly Detection Systems
Authentication, Authorization, and Accounting (AAA) and Identity Management
Network Admission Control
Routing Mechanisms as Security Tools
Summary
Part II: Security Lifestyle: Frameworks and Methodologies
Chapter 2 Preparation Phase
Risk Analysis
Social Engineering
Security Intelligence
Creating a Computer Security Incident Response Team (CSIRT)
Building Strong Security Policies
Infrastructure Protection
Endpoint Security
Network Admission Control
Summary
Chapter 3 Identifying and Classifying Security Threats
Network Visibility
Telemetry and Anomaly Detection
Intrusion Detection and Intrusion Prevention Systems (IDS/IPS)
Summary
Chapter 4 Traceback
Traceback in the Service Provider Environment
Traceback in the Enterprise
Summary
Chapter 5 Reacting to Security Incidents
Adequate Incident-Handling Policies and Procedures
Laws and Computer Crimes
Security Incident Mitigation Tools
Forensics
Summary
Chapter 6 Postmortem and Improvement
Collected Incident Data
Root-Cause Analysis and Lessons Learned
Building an Action Plan
Summary
Chapter 7 Proactive Security Framework
SAVE Versus ITU-T X.805
Identity and Trust
Visibility
Correlation
Instrumentation and Management
Isolation and Virtualization
Policy Enforcement
Visualization Techniques
Summary
Part III: Defense-In-Depth Applied
Chapter 8 Wireless Security
Overview of Cisco Unified Wireless Network Architecture
Authentication and Authorization of Wireless Users
Lightweight Access Point Protocol (LWAPP)
Wireless Intrusion Prevention System Integration
Management Frame Protection (MFP)
Precise Location Tracking
Network Admission Control (NAC) in Wireless Networks
Summary
Chapter 9 IP Telephony Security
Protecting the IP Telephony Infrastructure
Securing the IP Telephony Applications
Protecting Against Eavesdropping Attacks
Summary
Chapter 10 Data Center Security
Protecting the Data Center Against Denial of Service (DoS) Attacks and Worms
Data Center Segmentation and Tiered Access Control
Deploying Network Intrusion Detection and Prevention Systems
Deploying the Cisco Security Agent (CSA) in the Data Center
Summary
Chapter 11 IPv6 Security
Reconnaissance
Filtering in IPv6
Spoofing
Header Manipulation and Fragmentation
Broadcast Amplification or Smurf Attacks
IPv6 Routing Security
IPsec and IPv6
Summary
Part IV Case Studies
Chapter 12 Case Studies
Case Study of a Small Business
Case Study of a Medium-Sized Enterprise
Case Study of a Large Enterprise
Summary
Index
A
B
C
D
E
F
G
H
I
L
M
N
O
P
Q
R
S
T
U
V
W
Z