IN THIS CHAPTER

Network security is best achieved by a set of layered and overlapping technologies. In this chapter, you learn about the different points of attack that can be used to compromise networked systems and gain access to them and the data that they contain. Network vulnerabilities can be scanned for, and some standard tools such as the National Vulnerability Database and related resources are described.

This chapter presents a checklist of the most important steps you can take to secure a network.

Two adaptive network security technologies are presented. One is called Location Awareness, and it can be used to detect the status of a network connection and its state and adjust system policies appropriately. Another technology called Network Access Protection can proactively quarantine systems that don't conform to a system health policy.

Sending traffic over the Internet involves insecure connections. You will learn about three different Internet security protocols in this chapter: IPsec, Transport Layer Security/Secure Socket Layer, and HTTPS. These technologies either encrypt data or create secure connections through tunneling and other methods.

Different methods used to encrypt network traffic are considered in this chapter. Various forms of encryption are used in cryptography, and the use of symmetric and asymmetric ...