 |
Ksiazki - Informatyczne .pl » informatyka » informatyka Self-Defending Networks
Opis Self-Defending Networks: Self-Defending Networks: The Next Generation of Network Security helps networking professionals understand how to deploy an end-to-end, integrated network security solution. It presents a clear view of the various components that can be used throughout the network to not only monitor traffic but to allow the network itself to become more proactive in preventing and mitigating network attacks. This security primer provides unique insight into the entire range of Cisco security solutions, showing what each element is capable of doing and how all of the pieces work together to form an end-to-end Self-Defending Network. While other books tend to focus on individual security components, providing in-depth configuration guidelines for various devices and technologies, Self-Defending Networks instead presents a high-level overview of the entire range of technologies and techniques that comprise the latest thinking in proactive network security defenses. This book arms network security professionals with the latest information on the comprehensive suite of Cisco security tools and techniques. Network Admission Control, Network Infection Containment, Dynamic Attack Mitigation, DDoS Mitigation, Host Intrusion Prevention, and Integrated Security Management are all covered, providing the most complete overview of various security systems. It focuses on leveraging integrated management, rather than including a device-by-device manual to implement self-defending networks. Protect your network with self-regulating network security solutions that combat both internal and external threats.
Self-Defending Networks: The Next Generation of Network Security helps networking professionals understand how to deploy an end-to-end, integrated network security solution. It presents a clear view of the various components that can be used throughout the network to not only monitor traffic but to allow the network itself to become more proactive in preventing and mitigating network attacks. This security primer provides unique insight into the entire range of Cisco security solutions, showing what each element is capable of doing and how all of the pieces work together to form an end-to-end Self-Defending Network. While other books tend to focus on individual security components, providing in-depth configuration guidelines for various devices and technologies, Self-Defending Networks instead presents a high-level overview of the entire range of technologies and techniques that comprise the latest thinking in proactive network security defenses. This book arms network security professionals with the latest information on the comprehensive suite of Cisco security tools and techniques. Network Admission Control, Network Infection Containment, Dynamic Attack Mitigation, DDoS Mitigation, Host Intrusion Prevention, and Integrated Security Management are all covered, providing the most complete overview of various security systems. It focuses on leveraging integrated management, rather than including a device-by-device manual to implement self-defending networks. Spis treści Self-Defending Networks: Foreword Introduction Chapter 1 Understanding Types of Network Attacks and Defenses Categorizing Network Attacks Virus Worm Trojan Horse Denial-of-Service Distributed Denial-of-Service Spyware Phishing Understanding Traditional Network Defenses Router Access Lists Firewalls Intrusion Detection Systems Virtual Private Networks Antivirus Programs Introducing Cisco Self-Defending Networks DDoS Mitigation Intrusion Prevention Systems Adaptive Security Appliance Incident Control Service Network Admission Control IEEE 802.1x Host Intrusion Prevention: CSA Cisco Security Centralized Management Summary References Chapter 2 Mitigating Distributed Denial-of-Service Attacks Understanding Types of DDoS Attacks DDoS Mitigation Overview Using Cisco Traffic Anomaly Detector Configuring the Traffic Anomaly Detector Zone Creation Traffic Anomaly Detector Zone Filters Policy Template Learning Phase Detecting and Reporting Traffic Anomalies Configuring Cisco Guard Bootstrapping Zone Creation and Synchronization Cisco Guard Zone Filters Zone Traffic Diversion Learning Phase Activating Zone Protection Generating Attack Reports Summary References Chapter 3 Cisco Adaptive Security Appliance Overview Antispoofing Intrusion Prevention Service Launch ASDM for IPS Configuration Configure Service Policy Rules Define IPS Signatures Protocol Inspection Services HTTP Inspection Engine TCP Map HTTP Map Configuring Content Security and Control Security Content Security and Control Services Module (CSC-SSM) Setup Web URL Blocking URL Filtering Scanning File Blocking Scanning Antispam Content Filtering File Transfer Summary References Chapter 4 Cisco Incident Control Service Implementing Outbreak Management with Cisco ICS Outbreak Management Summary Information and Statistics on Network Threats from Trend Micro New Outbreak Management Task Outbreak Settings Displaying Outbreak Reports OPACL Settings Exception List Report Settings Watch List Settings Automatic Outbreak Management Task Displaying Devices Device List Add Device Viewing Logs Incident Log Query Event Log Query Outbreak Log Query Log Maintenance Summary References Chapter 5 Demystifying 802.1x Fundamentals of 802.1x Introducing Cisco Identity-Based Networking Services Machine Authentication 802.1x and NAC Using EAP Types EAP MD5 EAP TLS LEAP PEAP EAP FAST VPN and 802.1x Summary References Chapter 6 Implementing Network Admission Control Network Admission Control Overview NAC Framework Benefits NAC Framework Components Endpoint Security Application Posture Agent Network Access Devices Policy Server Management and Reporting Tools Operational Overview Network Admission for NAC-enabled Endpoints Endpoint Attempts to Access the Network NAD Notifies Policy Server Cisco Secure ACS Compares Endpoint to NAC Policy Cisco Secure ACS Forwards Information to Partner Policy Servers Cisco Secure ACS Makes a Decision Cisco Secure ACS Sends Enforcement Actions NAD Enforces Actions Posture Agent Actions Endpoint Polled for Change of Compliance Revalidation Process Network Admission for NAC Agentless Hosts Deployment Models LAN Access Compliance WAN Access Compliance Remote Access Compliance Summary References Chapter 7 Network Admission Control Appliance NAC Appliance Features NAC Appliance Manager Device Management CCA Servers Filters Clean Access Switch Management User Management Monitoring Administration Summary References Chapter 8 Managing the Cisco Security Agent Management Center for Cisco Security Agents Deploying Cisco Secure Agent Kits Displaying the End-Station Hostname in the Device Groups Reviewing Policies Attaching Rules to a Policy Generating and Deploying Rules Using Event Monitor Running Cisco Security Agent Analysis Cisco Security Agent Status System Security Summary References Chapter 9 Cisco Security Manager Getting Started Device View Add Device Configure Access Conrol Lists (ACLs) from Device View Configuring Interface Roles Apply Access Control List (ACL) Rules to Multiple Devices Invoking the Policy Query Using Analysis and Hit Count Functions Map View Showing Devices on the Topology Map Adding Cloud Networks and Hosts to the Topology Map Configuring Firewall Access Control List (ACLs) Rules from Topology Map Policy View Access Control List (ACL) Rules Security Policy Policy Inheritance and Mandatory Security Policies IPS Management Object Manager Value Override Per Device Summary References Chapter 10 Cisco Security Monitoring, Analysis, and Response System Understanding Cisco Security MARS Features Summary Dashboard Incidents Displaying Path of Incident and Mitigating the Attack Hotspot Graph and Attack Diagram Rules Query/Reports Management Admin Cisco Security Manager Linkages Summary References 1587052539, TOC, 8/14/2006 |
|
Księgarnia informatyczna © ksiazki-informatyczne.pl
- cisco press , książka informatyczna - Self-Defending Networks
|