You are previewing Network Security, Firewalls, and VPNs.

Network Security, Firewalls, and VPNs

Cover of Network Security, Firewalls, and VPNs by J. Michael Stewart Published by Jones & Bartlett Learning
  1. Copyright
  2. Preface
    1. Purpose of This Book
    2. Learning Features
    3. Audience
      1. About the Author
  3. ONE. Foundations of Network Security
    1. 1. Fundamentals of Network Security
      1. What Is Network Security?
      2. What Are You Trying to Protect?
      3. Goals of Network Security
      4. How Can You Measure the Success of Network Security?
      5. Why Are Written Network Security Policies Important?
      6. Who Is Responsible for Network Security?
      7. Examples of Network Infrastructures and Related Security Concerns
      8. Enhancing the Security of Wired Versus Wireless LAN Infrastructures
      9. Internal and External Network Issues
      10. Common Network Security Components Used to Mitigate Threats
      11. CHAPTER SUMMARY
      12. KEY CONCEPTS AND TERMS
      13. CHAPTER 1 ASSESSMENT
    2. 2. Firewall Fundamentals
      1. What Is a Firewall?
      2. Why Do You Need a Firewall?
      3. What Are Zones of Risk?
      4. How Firewalls Work and What Firewalls Do
      5. TCP/IP Basics
      6. Types of Firewalls
      7. Ingress and Egress Filtering
      8. Types of Filtering
      9. Software Versus Hardware Firewalls
      10. Dual-Homed and Triple-Homed Firewalls
      11. Placement of Firewalls
      12. CHAPTER SUMMARY
      13. KEY CONCEPTS AND TERMS
      14. CHAPTER 2 ASSESSMENT
    3. 3. VPN Fundamentals
      1. What Is a VPN?
      2. What Are the Benefits of Deploying a VPN?
      3. What Are the Limitations of a VPN?
      4. The Relationship Between Encryption and VPNs
      5. What Is VPN Authentication?
      6. VPN Authorization
      7. CHAPTER SUMMARY
      8. KEY CONCEPTS AND TERMS
      9. CHAPTER 3 ASSESSMENT
    4. 4. Network Security Threats and Issues
      1. Hacker Motivation
      2. Favorite Targets of Hackers
      3. Threats from Internal Personnel and External Entities
      4. Common IT Infrastructure Threats
      5. Malicious Code (Malware)
      6. Fast Growth and Overuse
      7. Wireless Versus Wired
      8. Eavesdropping
      9. Replay Attacks
      10. Insertion Attacks
      11. Fragmentation Attacks, Buffer Overflows, and XSS Attacks
      12. Man-in-the-Middle, Session Hijacking, and Spoofing Attacks
      13. Covert Channels
      14. Network and Resource Availability Threats
      15. Denial of Service (DoS)
      16. Distributed Denial of Service (DDoS)
      17. Hacker Tools
      18. Social Engineering
      19. CHAPTER SUMMARY
      20. KEY CONCEPTS AND TERMS
      21. CHAPTER 4 ASSESSMENT
  4. TWO. Technical Overview of Network Security, Firewalls, and VPNs
    1. 5. Network Security Implementation
      1. Seven Domains of a Typical IT Infrastructure
      2. Network Design and Defense-in-Depth
      3. Protocols and Topologies
      4. Common Types of Addressing
      5. Controlling Communication Pathways
      6. Hardening Systems
      7. Equipment Selection
      8. Authentication, Authorization, and Accounting
      9. Communication Encryption
      10. Hosts: Local Only or Remote and Mobile
      11. Redundancy
      12. Node Security
      13. CHAPTER SUMMARY
      14. KEY CONCEPTS AND TERMS
      15. CHAPTER 5 ASSESSMENT
    2. 6. Network Security Management
      1. Network Security Management Best Practices
      2. Fail-Secure, Fail-Open, Fail-Close Options
      3. Physical Security
      4. Watching for Compromise
      5. Incident Response
      6. Trapping Intruders and Violators
      7. Why Containment Is Important
      8. Imposing Compartmentalization
      9. Using Honeypots, Honeynets, and Padded Cells
      10. Essential Host Security Controls
      11. Backup and Recovery
      12. User Training and Awareness
      13. Network Security Management Tools
      14. Security Checklist
      15. Network Security Troubleshooting
      16. Compliance Auditing
      17. Security Assessment
      18. Configuration Scans
      19. Vulnerability Scanning
      20. Penetration Testing
      21. Post-Mortem Assessment Review
      22. CHAPTER SUMMARY
      23. KEY CONCEPTS AND TERMS
      24. CHAPTER 6 ASSESSMENT
    3. 7. Exploring the Depths of Firewalls
      1. Firewall Rules
      2. Authentication and Authorization
      3. Monitoring and Logging
      4. Understanding and Interpreting Firewall Logs and Alerts
      5. Intrusion Detection
      6. Limitations of Firewalls
      7. Improving Performance
      8. The Downside of Encryption with Firewalls
      9. Firewall Enhancements
      10. Management Interfaces
      11. CHAPTER SUMMARY
      12. KEY CONCEPTS AND TERMS
      13. CHAPTER 7 ASSESSMENT
    4. 8. Firewall Deployment Considerations
      1. What Should You Allow and What Should You Block?
      2. Common Security Strategies for Firewall Deployments
      3. Essential Elements of a Firewall Policy
      4. Software and Hardware Options for Firewalls
      5. Benefit and Purpose of Reverse Proxy
      6. Use and Benefit of Port-Forwarding
      7. Considerations for Selecting a Bastion Host OS
      8. Constructing and Ordering Firewall Rules
      9. Evaluating Needs and Solutions in Designing Security
      10. What Happens When Security Gets in the Way of Doing Business?
      11. CHAPTER SUMMARY
      12. KEY CONCEPTS AND TERMS
      13. CHAPTER 8 ASSESSMENT
    5. 9. Firewall Management and Security Concerns
      1. Best Practices for Firewall Management
      2. Security Measures in Addition to a Firewall
      3. Selecting the Right Firewall for Your Needs
      4. The Difference Between Buying and Building a Firewall
      5. Mitigating Firewall Threats and Exploits
      6. Concerns Related to Tunneling Through or Across a Firewall
      7. Testing Firewall Security
      8. Important Tools for Managing and Monitoring a Firewall
      9. Troubleshooting Firewalls
      10. Proper Firewall Implementation Procedure
      11. Responding to Incidents
      12. CHAPTER SUMMARY
      13. KEY CONCEPTS AND TERMS
      14. CHAPTER 9 ASSESSMENT
    6. 10. Using Common Firewalls
      1. Individual and Small Office/Home Office (SOHO) Firewall Options
      2. Uses for a Host Software Firewall
      3. Using Windows 7's Host Software Firewall
      4. Using a Linux Host Software Firewall
      5. Managing the Firewall on an ISP Connection Device
      6. Commercial Software Network Firewalls
      7. Open-Source Software Network Firewalls
      8. Appliance Firewalls
      9. Virtual Firewalls
      10. Simple Firewall Techniques
      11. CHAPTER SUMMARY
      12. KEY CONCEPTS AND TERMS
      13. CHAPTER 10 ASSESSMENT
    7. 11. VPN Management
      1. VPN Management Best Practices
      2. Developing a VPN Policy
      3. Developing a VPN Deployment Plan
      4. VPN Threats and Exploits
      5. Commercial or Open-Source VPNs
      6. Differences Between Personal and Network VPNs
      7. Balancing Anonymity and Privacy
      8. Protecting VPN Security to Support Availability
      9. The Importance of User Training
      10. VPN Troubleshooting
      11. CHAPTER SUMMARY
      12. KEY CONCEPTS AND TERMS
      13. CHAPTER 11 ASSESSMENT
    8. 12. VPN Technologies
      1. Differences Between Software and Hardware Solutions
      2. Differences Between Layer 2 and Layer 3 VPNs
      3. Internet Protocol Security (IPSec)
      4. Layer 2 Tunneling Protocol (L2TP)
      5. Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
      6. Secure Shell (SSH) Protocol
      7. Establishing Performance and Stability for VPNs
      8. Using VPNs with Network Address Translation (NAT)
      9. Types of Virtualization
      10. Differences Between Internet Protocol (IP) Version 4 and Internet Protocol (IP) Version 6
      11. CHAPTER SUMMARY
      12. KEY CONCEPTS AND TERMS
      13. CHAPTER 12 ASSESSMENT
  5. THREE. Implementation, Resources, and the Future
    1. 13. Firewall Implementation
      1. Constructing, Configuring, and Managing a Firewall
      2. SmoothWall
      3. Examining Your Network and Its Security Needs
      4. Hardware Requirements for SmoothWall
      5. Planning a Firewall Implementation with SmoothWall
      6. Installing a Firewall with SmoothWall
      7. Configuring a Firewall with SmoothWall
      8. Elements of Firewall Deployment
      9. Performing Testing with SmoothWall
      10. Firewall Troubleshooting
      11. Additional SmoothWall Features
      12. Firewall Implementation Best Practices
      13. CHAPTER SUMMARY
      14. KEY CONCEPTS AND TERMS
      15. CHAPTER 13 ASSESSMENT
    2. 14. Real-World VPNs
      1. Operating System-Based VPNs
      2. VPN Appliances
      3. Remote Desktop Protocol
      4. Using Remote Control Tools
      5. Performing Remote Access
      6. Terminal Services
      7. Microsoft DirectAccess
      8. DMZ, Extranet, and Intranet VPN Solutions
      9. Internet Café VPNs
      10. Online Remote VPN Options
      11. The Tor Application
      12. Planning a VPN Implementation
      13. VPN Implementation Best Practices
      14. CHAPTER SUMMARY
      15. KEY CONCEPTS AND TERMS
      16. CHAPTER 14 ASSESSMENT
    3. 15. Perspectives, Resources and the Future
      1. What the Future Holds for Network Security, Firewalls, and VPNs
      2. Resources Sites for Network Security, Firewalls, and VPNs
      3. Tools for Network Security, Firewalls, and VPNs
      4. The Impact of Ubiquitous Wireless Connectivity
      5. Potential Uses of Security Technologies
      6. Specialized Firewalls Available
      7. Effect of Honeypots, Honeynets, and Padded Cells
      8. Emerging Network Security Technologies
      9. CHAPTER SUMMARY
      10. KEY CONCEPTS AND TERMS
      11. CHAPTER 15 ASSESSMENT
    4. A. Answer Key
    5. B. Standard Acronyms
    6. Glossary of Key Terms
    7. References
O'Reilly logo

Chapter 13. Firewall Implementation

THE LOCAL AREA NETWORK (LAN) ADMINISTRATOR oversees all aspects of Internet and Web security administration. This chapter is for those professionals who don't have enough time to dig into the more technical aspects of Internet and Web security, but need reliable options for Internet protection. Here are practical instructions to get a firewall up and running at your organization.

The best content for your career. Discover unlimited learning on demand for around $1/day.