Self-Defending Networks: The Next Generation of Network Security


Author: Duane De Capite
Publisher: Cisco Press
Published: 2006-09-10
ISBN-13: 9781587052538
ISBN-10: 1587052539
Binding: Paperback
Pages: 264





Description

Protect your network with self-regulating network security solutions that combat both internal and external threats.

- Provides an overview of the security components used to design proactive network security
- Helps network security professionals understand what the latest tools and techniques can do and how they interact
- Presents detailed information on how to use integrated management to increase security
- Includes a design guide with step-by-step implementation instructions

Self-Defending Networks: The Next Generation of Network Security helps networking professionals understand how to deploy an end-to-end, integrated network security solution. It presents a clear view of the various components that can be used throughout the network to not only monitor traffic but to allow the network itself to become more proactive in preventing and mitigating network attacks. This security primer provides unique insight into the entire range of Cisco security solutions, showing what each element is capable of doing and how all of the pieces work together to form an end-to-end Self-Defending Network. While other books tend to focus on individual security components, providing in-depth configuration guidelines for various devices and technologies, Self-Defending Networks instead presents a high-level overview of the entire range of technologies and techniques that comprise the latest thinking in proactive network security defenses. This book arms network security professionals with the latest information on the comprehensive suite of Cisco security tools and techniques. Network Admission Control, Network Infection Containment, Dynamic Attack Mitigation, DDoS Mitigation, Host Intrusion Prevention, and Integrated Security Management are all covered, providing the most complete overview of various security systems. It focuses on leveraging integrated management, rather than including a device-by-device manual to implement self-defending networks.
 
 
Table of Contents

Foreword
Introduction
Chapter 1    Understanding Types of Network Attacks and Defenses
    Categorizing Network Attacks
        Virus
        Worm
        Trojan Horse
        Denial-of-Service
        Distributed Denial-of-Service
        Spyware
        Phishing
    Understanding Traditional Network Defenses
        Router Access Lists
        Firewalls
        Intrusion Detection Systems
        Virtual Private Networks
        Antivirus Programs
    Introducing Cisco Self-Defending Networks
        DDoS Mitigation
        Intrusion Prevention Systems
        Adaptive Security Appliance
        Incident Control Service
        Network Admission Control
        IEEE 802.1x
        Host Intrusion Prevention: CSA
        Cisco Security Centralized Management
    Summary
    References
Chapter 2    Mitigating Distributed Denial-of-Service Attacks
    Understanding Types of DDoS Attacks
    DDoS Mitigation Overview
    Using Cisco Traffic Anomaly Detector
        Configuring the Traffic Anomaly Detector
        Zone Creation
        Traffic Anomaly Detector Zone Filters
        Policy Template
        Learning Phase
        Detecting and Reporting Traffic Anomalies
    Configuring Cisco Guard
        Bootstrapping
        Zone Creation and Synchronization
        Cisco Guard Zone Filters
        Zone Traffic Diversion
        Learning Phase
        Activating Zone Protection
        Generating Attack Reports
    Summary
    References
Chapter 3    Cisco Adaptive Security Appliance Overview
    Antispoofing
    Intrusion Prevention Service
        Launch ASDM for IPS Configuration
        Configure Service Policy Rules
        Define IPS Signatures
    Protocol Inspection Services
    HTTP Inspection Engine
        TCP Map
        HTTP Map
    Configuring Content Security and Control Security
        Content Security and Control Services Module (CSC-SSM) Setup
        Web
        URL Blocking
        URL Filtering
        Scanning
        File Blocking
        Mail
        Scanning
        Antispam
        Content Filtering
    File Transfer
    Summary
    References
Chapter 4    Cisco Incident Control Service
    Implementing Outbreak Management with Cisco ICS
        Outbreak Management Summary
        Information and Statistics on Network Threats from Trend Micro
        New Outbreak Management Task
        Outbreak Settings
    Displaying Outbreak Reports
        OPACL Settings
        Exception List
        Report Settings
        Watch List Settings
        Automatic Outbreak Management Task
    Displaying Devices
        Device List
        Add Device
    Viewing Logs
        Incident Log Query
        Event Log Query
        Outbreak Log Query
        Log Maintenance
    Summary
    References
Chapter 5    Demystifying 802.1x
    Fundamentals of 802.1x
    Introducing Cisco Identity-Based Networking Services
    Machine Authentication
    802.1x and NAC
    Using EAP Types
        EAP MD5
        EAP TLS
        LEAP
        PEAP
        EAP FAST
    VPN and 802.1x
    Summary
    References
Chapter 6    Implementing Network Admission Control
    Network Admission Control Overview
    NAC Framework Benefits
    NAC Framework Components
        Endpoint Security Application
        Posture Agent
        Network Access Devices
        Policy Server
        Management and Reporting Tools
    Operational Overview
    Network Admission for NAC-enabled Endpoints
        Endpoint Attempts to Access the Network
        NAD Notifies Policy Server
        Cisco Secure ACS Compares Endpoint to NAC Policy
        Cisco Secure ACS Forwards Information to Partner Policy Servers
        Cisco Secure ACS Makes a Decision
        Cisco Secure ACS Sends Enforcement Actions
        NAD Enforces Actions
        Posture Agent Actions
        Endpoint Polled for Change of Compliance
        Revalidation Process
    Network Admission for NAC Agentless Hosts
    Deployment Models
        LAN Access Compliance
        WAN Access Compliance
        Remote Access Compliance
    Summary
    References
Chapter 7    Network Admission Control Appliance
    NAC Appliance Features
    NAC Appliance Manager
    Device Management
        CCA Servers
        Filters
        Clean Access
    Switch Management
    User Management
    Monitoring
    Administration
    Summary
    References
Chapter 8    Managing the Cisco Security Agent
    Management Center for Cisco Security Agents
        Deploying Cisco Secure Agent Kits
        Displaying the End-Station Hostname in the Device Groups
        Reviewing Policies
        Attaching Rules to a Policy
        Generating and Deploying Rules
        Using Event Monitor
        Running Cisco Security Agent Analysis
    Cisco Security Agent
        Status
        System Security
    Summary
    References
Chapter 9    Cisco Security Manager
    Getting Started
    Device View
        Add Device
        Configure Access Control Lists (ACLs) from Device View
        Configuring Interface Roles
        Apply Access Control List (ACL) Rules to Multiple Devices
        Invoking the Policy Query
        Using Analysis and Hit Count Functions
    Map View
        Showing Devices on the Topology Map
        Adding Cloud Networks and Hosts to the Topology Map
        Configuring Firewall Access Control List (ACLs) Rules from Topology Map
    Policy View
        Access Control List (ACL) Rules Security Policy
        Policy Inheritance and Mandatory Security Policies
    IPS Management
    Object Manager
    Value Override Per Device
    Summary
    References
Chapter 10    Cisco Security Monitoring, Analysis, and Response System
    Understanding Cisco Security MARS Features
    Summary Dashboard
    Incidents
        Displaying Path of Incident and Mitigating the Attack
        Hotspot Graph and Attack Diagram
    Rules
    Query/Reports
    Management
    Admin
    Cisco Security Manager Linkages
    Summary
    References



