Overview

A firewall is as good as its policies and the security of its VPN connections. The latest generation of firewalls offers a dizzying array of powerful options; they key to success is to write concise policies that provide the appropriate level of access while maximizing security. This book covers the leading firewall products: Cisco PIX, Check Point NGX, Microsoft ISA Server, Juniper's NetScreen Firewall, and SonicWall. It describes in plain English what features can be controlled by a policy, and walks the reader through the steps for writing the policy to fit the objective. Because of their vulnerability and their complexity, VPN policies are covered in more depth with numerous tips for troubleshooting remote connections. * The only book that focuses on creating policies that apply to multiple products. * Included is a bonus chapter on using Ethereal, the most popular protocol analyzer, to monitor and analyze network traffic. * Shows what features can be controlled by a policy, and walks you through the steps for writing the policy to fit the objective at hand

Full Product Details

Author:   Syngress ,  Dale Liu ,  Stephanie Miller ,  Mark Lucas
Publisher:   Syngress Media,U.S.
Imprint:   Syngress Media,U.S.
Dimensions:   Width: 15.20cm , Height: 2.60cm , Length: 22.90cm
Weight:   0.720kg
ISBN:  

9781597490887

ISBN 10:   1597490881
Pages:   550
Publication Date:   28 September 2006
Audience:   Professional and scholarly ,  Professional & Vocational
Format:   Paperback
Publisher's Status:   No Longer Our Product
Availability:   In Print  
This item will be ordered in for you from one of our suppliers. Upon receipt, we will promptly dispatch it out to you. For in store availability, please contact us.

Table of Contents

Acknowledgments Technical Editor Contributing Authors Part I: Security Policy Chapter 1: Network Security Policy Introduction Defining Your Organization Different Access for Different Organizations Untrusted Networks Summary Solutions Fast Track Frequently Asked Questions Chapter 2: Using Your Policies to Create Firewall and VPN Configurations Introduction What Is a Logical Security Configuration? Planning Your Logical Security Configuration Writing Logical Security Configurations Summary Solutions Fast Track Frequently Asked Questions Part II: Firewall Concepts Chapter 3: Defining a firewall Introduction Why Have Different Types of Firewalls? Back to Basics—Transmission Control Protocol/Internet Protocol Firewall Types Application Proxy Gateway Summary Solutions Fast Track Frequently Asked Questions Chapter 4: Deciding on a Firewall Introduction Appliance/Hardware Solution Software Solutions Summary Solutions Fast Track Frequently Asked Questions Part III: VPN Concepts Chapter 5: Defining a VPN Introduction What Is a VPN? Public Key Cryptography IPSec SSL VPNs Layer 2 Solutions SSH Tunnels Technical Description Others Summary Solutions Fast Track Frequently Asked Questions Chapter 6: Deciding on a VPN Introduction Appliance / Hardware Solution Software Solutions Summary Solutions Fast Track Frequently Asked Questions Part IV: Implementing Firewalls and VPNs (Case Studies) Chapter 7: IT Infrastructure Security Plan Introduction Infrastructure Security Assessment Project Parameters Project Team Project Organization Project Work Breakdown Structure Project Risks and Mitigation Strategies Project Constraints and Assumptions Project Schedule and Budget IT Infrastructure Security Project Outline Summary Solutions Fast Track Chapter 8: Case Study: SOHO (Five Computers, Printer, Servers, etc.) Introduction Determining More Information with lsof Employing a Firewall in a SOHO Environment Introducing the SOHO Firewall Case Study Designing the SOHO Firewall Summary Solutions Fast Track Frequently Asked Questions Chapter 9: Medium Business (< 2000 People) Introduction Mapping Your Systems Improving Accountability with Identity Management VPN Connectivity Summary Solutions Fast Track Frequently Asked Questions Index

Reviews

Author Information

Dale Liu, (MCSE Security, CISSP, MCT, IAM/IEM, CCNA) has been working in the computer and networking field for over 20 years. Dale's experience ranges from programming to networking to information security and project management. He currently teaches networking, routing and security classes, while working in the field performing security audits and infrastructure design for medium to large companies. Abhishek Singh is a Security Researcher on the Microsoft Malware Protection Center (MMPC) team, where he performs analysis of vulnerabilities to develop signatures. He was previously employed with Symantec as a Senior Software Engineer. He was also one of the initial technical members of the Third Brigade Security Center, now part of Trend Micro. He has also worked for SafeNet. Abhishek was a leading inventor of various patent pending technologies in IDS/IPS and an algorithm for faster analysis of binaries and two-factor authentication. He served as Technical Editor for ""Vulnerability Analysis and Defense for the Internet"" and ""Identifying Malicious Code Through Reverse Engineering."" He has published Internet Drafts and security-related papers in primer journals and for various conferences. Abhishek holds a Master of Science in Information Security and a Master of Science in Computer Science, both from the College of Computing, Georgia Institute of Technology and a B.Tech. in Electrical Engineering from Institute of Technology, BHU, India.

Tab Content 6

Author Website:  

Customer Reviews

Recent Reviews

No review item found!

Add your own review!

Countries Available

All regions