Chapter Summary
This chapter began with a discussion of the importance of a layered network security design. This layering of security provides a deeper level of protection for your network. You must avoid what I call “the orange syndrome,” as in the fruit, in which only a single layer of protection exists before you get to the good stuff. You do not want attackers to defeat a single security layer and get to the good stuff in your network.
This chapter looked at many technologies that you can use to provide a layered approach to security:
• Packet filtering via ACLs
• Stateful packet inspection
• Network Address Translation
• Proxies and application level protection
• Content filters
• Public key infrastructure
• AAA technologies
Separately, ...
Get Network Security First-Step, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.