Network Security, Firewalls, and VPNs

Book Description

PART OF THE NEW JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES! Network Security, Firewalls, and VPNs provides a unique, in-depth look at the major business challenges and threats that are introduced when an organization’s network is connected to the public Internet. Written by an industry expert, this book provides a comprehensive explanation of network security basics, including how hackers access online networks and the use of firewalls and VPNs to provide security countermeasures. Using examples and exercises, this book incorporates hands-on activities to prepare the reader to disarm threats and prepare for emerging technologies and future attacks.

Table of Contents

  1. Copyright
  2. Preface
    1. Purpose of This Book
    2. Learning Features
    3. Audience
      1. About the Author
  3. ONE. Foundations of Network Security
    1. 1. Fundamentals of Network Security
      1. What Is Network Security?
        1. What Is Trust?
        2. Who—or What—Is Trustworthy?
        3. What Are Security Objectives?
      2. What Are You Trying to Protect?
        1. Seven Domains of a Typical IT Infrastructure
      3. Goals of Network Security
      4. How Can You Measure the Success of Network Security?
      5. Why Are Written Network Security Policies Important?
        1. Planning for the Worst
      6. Who Is Responsible for Network Security?
      7. Examples of Network Infrastructures and Related Security Concerns
        1. Workgroups
        2. SOHO Networks
        3. Client/Server Networks
        4. LAN Versus WAN
        5. Thin Clients and Terminal Services
        6. Remote Control, Remote Access, and VPN
        7. Boundary Networks
        8. Strengths and Weaknesses of Network Design
      8. Enhancing the Security of Wired Versus Wireless LAN Infrastructures
      9. Internal and External Network Issues
      10. Common Network Security Components Used to Mitigate Threats
        1. Hosts and Nodes
        2. IPv4 Versus IPv6
        3. Firewall
        4. VPN
        5. Proxy
        6. NAT
        7. Routers, Switches, and Bridges
        8. DNS
        9. Directory Services
        10. IDS/IPS
        11. NAC
      11. CHAPTER SUMMARY
      12. KEY CONCEPTS AND TERMS
      13. CHAPTER 1 ASSESSMENT
    2. 2. Firewall Fundamentals
      1. What Is a Firewall?
        1. What Firewalls Cannot Do
      2. Why Do You Need a Firewall?
      3. What Are Zones of Risk?
      4. How Firewalls Work and What Firewalls Do
      5. TCP/IP Basics
        1. OSI Model
        2. Sub-Protocols
        3. Headers and Payloads
        4. Addressing
      6. Types of Firewalls
      7. Ingress and Egress Filtering
      8. Types of Filtering
        1. Static Packet Filtering
        2. Stateful Inspection and Dynamic Packet Filtering
        3. Network Address Translation (NAT)
        4. Application Proxy
        5. Circuit Proxy
        6. Content Filtering
      9. Software Versus Hardware Firewalls
        1. IPv4 Versus IPv6 Firewalls
      10. Dual-Homed and Triple-Homed Firewalls
      11. Placement of Firewalls
      12. CHAPTER SUMMARY
      13. KEY CONCEPTS AND TERMS
      14. CHAPTER 2 ASSESSMENT
    3. 3. VPN Fundamentals
      1. What Is a VPN?
      2. What Are the Benefits of Deploying a VPN?
      3. What Are the Limitations of a VPN?
        1. What Are Effective VPN Policies?
        2. VPN Deployment Models and Architecture
          1. Edge Router
          2. Corporate Firewall
          3. VPN Appliance
          4. Remote Access
          5. Site-to-Site
          6. Host-to-Host
          7. Extranet Access
        3. Tunnel Versus Transport Mode
      4. The Relationship Between Encryption and VPNs
        1. Symmetric Cryptography
        2. Asymmetric Cryptography
        3. Hashing
          1. Establishing VPN Connections with Cryptography
          2. Digital Certificates
      5. What Is VPN Authentication?
      6. VPN Authorization
      7. CHAPTER SUMMARY
      8. KEY CONCEPTS AND TERMS
      9. CHAPTER 3 ASSESSMENT
    4. 4. Network Security Threats and Issues
      1. Hacker Motivation
      2. Favorite Targets of Hackers
      3. Threats from Internal Personnel and External Entities
        1. The Hacking Process
          1. Reconnaissance
          2. Scanning
          3. Enumeration
          4. Attacking
          5. Post-Attack Activities
        2. Fall Back Attacks
      4. Common IT Infrastructure Threats
        1. Hardware Failures and Other Physical Threats
        2. Natural Disasters
        3. Accidents and Intentional Concerns
      5. Malicious Code (Malware)
      6. Fast Growth and Overuse
      7. Wireless Versus Wired
      8. Eavesdropping
      9. Replay Attacks
      10. Insertion Attacks
      11. Fragmentation Attacks, Buffer Overflows, and XSS Attacks
        1. Fragmentation Attacks
        2. Buffer Overflows
        3. XSS (Cross-Site Scripting) Attacks
      12. Man-in-the-Middle, Session Hijacking, and Spoofing Attacks
        1. Man-in-the-Middle Attacks
        2. Session Hijacking
        3. Spoofing Attacks
      13. Covert Channels
      14. Network and Resource Availability Threats
      15. Denial of Service (DoS)
      16. Distributed Denial of Service (DDoS)
      17. Hacker Tools
      18. Social Engineering
      19. CHAPTER SUMMARY
      20. KEY CONCEPTS AND TERMS
      21. CHAPTER 4 ASSESSMENT
  4. TWO. Technical Overview of Network Security, Firewalls, and VPNs
    1. 5. Network Security Implementation
      1. Seven Domains of a Typical IT Infrastructure
      2. Network Design and Defense-in-Depth
      3. Protocols and Topologies
      4. Common Types of Addressing
      5. Controlling Communication Pathways
      6. Hardening Systems
      7. Equipment Selection
      8. Authentication, Authorization, and Accounting
      9. Communication Encryption
      10. Hosts: Local Only or Remote and Mobile
      11. Redundancy
      12. Node Security
        1. Clients
        2. Servers
        3. Routers
        4. Switches
        5. Firewalls and Proxies
      13. CHAPTER SUMMARY
      14. KEY CONCEPTS AND TERMS
      15. CHAPTER 5 ASSESSMENT
    2. 6. Network Security Management
      1. Network Security Management Best Practices
      2. Fail-Secure, Fail-Open, Fail-Close Options
      3. Physical Security
      4. Watching for Compromise
      5. Incident Response
      6. Trapping Intruders and Violators
      7. Why Containment Is Important
      8. Imposing Compartmentalization
      9. Using Honeypots, Honeynets, and Padded Cells
      10. Essential Host Security Controls
      11. Backup and Recovery
      12. User Training and Awareness
      13. Network Security Management Tools
      14. Security Checklist
      15. Network Security Troubleshooting
      16. Compliance Auditing
      17. Security Assessment
      18. Configuration Scans
      19. Vulnerability Scanning
      20. Penetration Testing
      21. Post-Mortem Assessment Review
      22. CHAPTER SUMMARY
      23. KEY CONCEPTS AND TERMS
      24. CHAPTER 6 ASSESSMENT
    3. 7. Exploring the Depths of Firewalls
      1. Firewall Rules
      2. Authentication and Authorization
      3. Monitoring and Logging
      4. Understanding and Interpreting Firewall Logs and Alerts
      5. Intrusion Detection
      6. Limitations of Firewalls
      7. Improving Performance
      8. The Downside of Encryption with Firewalls
      9. Firewall Enhancements
      10. Management Interfaces
      11. CHAPTER SUMMARY
      12. KEY CONCEPTS AND TERMS
      13. CHAPTER 7 ASSESSMENT
    4. 8. Firewall Deployment Considerations
      1. What Should You Allow and What Should You Block?
      2. Common Security Strategies for Firewall Deployments
        1. Security Through Obscurity
        2. Least Privilege
        3. Simplicity
        4. Defense-in-Depth
        5. Diversity of Defense
        6. Choke Point
        7. Weakest Link
        8. Fail-Safe
        9. Forced Universal Participation
      3. Essential Elements of a Firewall Policy
      4. Software and Hardware Options for Firewalls
      5. Benefit and Purpose of Reverse Proxy
      6. Use and Benefit of Port-Forwarding
      7. Considerations for Selecting a Bastion Host OS
      8. Constructing and Ordering Firewall Rules
      9. Evaluating Needs and Solutions in Designing Security
      10. What Happens When Security Gets in the Way of Doing Business?
      11. CHAPTER SUMMARY
      12. KEY CONCEPTS AND TERMS
      13. CHAPTER 8 ASSESSMENT
    5. 9. Firewall Management and Security Concerns
      1. Best Practices for Firewall Management
      2. Security Measures in Addition to a Firewall
      3. Selecting the Right Firewall for Your Needs
      4. The Difference Between Buying and Building a Firewall
      5. Mitigating Firewall Threats and Exploits
      6. Concerns Related to Tunneling Through or Across a Firewall
      7. Testing Firewall Security
      8. Important Tools for Managing and Monitoring a Firewall
      9. Troubleshooting Firewalls
      10. Proper Firewall Implementation Procedure
      11. Responding to Incidents
      12. CHAPTER SUMMARY
      13. KEY CONCEPTS AND TERMS
      14. CHAPTER 9 ASSESSMENT
    6. 10. Using Common Firewalls
      1. Individual and Small Office/Home Office (SOHO) Firewall Options
      2. Uses for a Host Software Firewall
        1. Examples of Software Firewall Products
      3. Using Windows 7's Host Software Firewall
      4. Using a Linux Host Software Firewall
      5. Managing the Firewall on an ISP Connection Device
        1. Converting a Home Router into a Firewall
      6. Commercial Software Network Firewalls
      7. Open-Source Software Network Firewalls
      8. Appliance Firewalls
      9. Virtual Firewalls
      10. Simple Firewall Techniques
      11. CHAPTER SUMMARY
      12. KEY CONCEPTS AND TERMS
      13. CHAPTER 10 ASSESSMENT
    7. 11. VPN Management
      1. VPN Management Best Practices
      2. Developing a VPN Policy
      3. Developing a VPN Deployment Plan
        1. Bypass Deployment
        2. Internally Connected Deployment
        3. DMZ-Based Implementation
      4. VPN Threats and Exploits
      5. Commercial or Open-Source VPNs
      6. Differences Between Personal and Network VPNs
      7. Balancing Anonymity and Privacy
      8. Protecting VPN Security to Support Availability
      9. The Importance of User Training
      10. VPN Troubleshooting
      11. CHAPTER SUMMARY
      12. KEY CONCEPTS AND TERMS
      13. CHAPTER 11 ASSESSMENT
    8. 12. VPN Technologies
      1. Differences Between Software and Hardware Solutions
        1. Software VPNs
        2. Hardware VPNs
      2. Differences Between Layer 2 and Layer 3 VPNs
      3. Internet Protocol Security (IPSec)
      4. Layer 2 Tunneling Protocol (L2TP)
      5. Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
        1. SSL/TLS and VPNs
      6. Secure Shell (SSH) Protocol
      7. Establishing Performance and Stability for VPNs
        1. Performance
        2. Stability
      8. Using VPNs with Network Address Translation (NAT)
      9. Types of Virtualization
        1. Desktop Virtualization
        2. SSL VPN Virtualization
      10. Differences Between Internet Protocol (IP) Version 4 and Internet Protocol (IP) Version 6
        1. The TCP/IP Protocol Suite
        2. IPv4 Challenges
        3. IPv6
        4. IPSec and IPv6
      11. CHAPTER SUMMARY
      12. KEY CONCEPTS AND TERMS
      13. CHAPTER 12 ASSESSMENT
  5. THREE. Implementation, Resources, and the Future
    1. 13. Firewall Implementation
      1. Constructing, Configuring, and Managing a Firewall
      2. SmoothWall
      3. Examining Your Network and Its Security Needs
        1. What to Protect and Why
          1. Protecting Information and Resources
          2. Protecting Clients and Users
        2. Preserving Privacy
        3. Firewall Design and Implementation Guidelines
        4. Selecting a Firewall
      4. Hardware Requirements for SmoothWall
      5. Planning a Firewall Implementation with SmoothWall
        1. Firewalling a Big Organization: Application-Level Firewall and Package Filtering, a Hybrid System
        2. Firewalling a Small Organization: Packet Filtering or Application-Level Firewall, a Proxy Implementation
        3. Firewalling in a Subnet Architecture
      6. Installing a Firewall with SmoothWall
      7. Configuring a Firewall with SmoothWall
      8. Elements of Firewall Deployment
      9. Performing Testing with SmoothWall
      10. Firewall Troubleshooting
      11. Additional SmoothWall Features
      12. Firewall Implementation Best Practices
      13. CHAPTER SUMMARY
      14. KEY CONCEPTS AND TERMS
      15. CHAPTER 13 ASSESSMENT
    2. 14. Real-World VPNs
      1. Operating System-Based VPNs
      2. VPN Appliances
        1. Configuring a Typical VPN Appliance
        2. Client-Side Configuration
      3. Remote Desktop Protocol
      4. Using Remote Control Tools
      5. Performing Remote Access
        1. The Technology for Remote Use
        2. Choosing Between IPSec and SSL Remote Access VPNs
      6. Terminal Services
        1. TS RemoteApp
        2. TS Web Access
      7. Microsoft DirectAccess
      8. DMZ, Extranet, and Intranet VPN Solutions
        1. Intranet VPNs
        2. Extranet VPNs
      9. Internet Café VPNs
      10. Online Remote VPN Options
        1. Security
        2. Wake-on-LAN Support
        3. File Sharing
        4. Remote Printing
        5. Mac Support
      11. The Tor Application
      12. Planning a VPN Implementation
        1. Requirements
        2. Installation
          1. Performing a RPM Install
          2. Install from the Source
          3. Start Openswan
        3. Deployment
        4. Testing and Troubleshooting
      13. VPN Implementation Best Practices
      14. CHAPTER SUMMARY
      15. KEY CONCEPTS AND TERMS
      16. CHAPTER 14 ASSESSMENT
    3. 15. Perspectives, Resources and the Future
      1. What the Future Holds for Network Security, Firewalls, and VPNs
        1. Threats
        2. Firewall Capabilities
        3. Encryption
        4. Authentication
        5. Metrics
        6. Focus
        7. Securing the Cloud
        8. Securing Mobile Devices
      2. Resources Sites for Network Security, Firewalls, and VPNs
      3. Tools for Network Security, Firewalls, and VPNs
        1. Commercial Off-the-Shelf (COTS) Software
        2. Open-Source Applications and Tools
      4. The Impact of Ubiquitous Wireless Connectivity
      5. Potential Uses of Security Technologies
        1. What Happens When There Is No Perimeter?
      6. Specialized Firewalls Available
        1. Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)
      7. Effect of Honeypots, Honeynets, and Padded Cells
      8. Emerging Network Security Technologies
        1. IP Version 6
        2. VPNs, Firewalls, and Virtualization
        3. Steganography
        4. Anti-Forensics
      9. CHAPTER SUMMARY
      10. KEY CONCEPTS AND TERMS
      11. CHAPTER 15 ASSESSMENT
    4. A. Answer Key
    5. B. Standard Acronyms
    6. Glossary of Key Terms
    7. References