Book description
Protect your network with self-regulating network security solutions that combat both internal and external threats.
Provides an overview of the security components used to design proactive network security
Helps network security professionals understand what the latest tools and techniques can do and how they interact
Presents detailed information on how to use integrated management to increase security
Includes a design guide with step-by-step implementation instructions
Self-Defending Networks: The Next Generation of Network Security helps networking professionals understand how to deploy an end-to-end, integrated network security solution. It presents a clear view of the various components that can be used throughout the network to not only monitor traffic but to allow the network itself to become more proactive in preventing and mitigating network attacks. This security primer provides unique insight into the entire range of Cisco security solutions, showing what each element is capable of doing and how all of the pieces work together to form an end-to-end Self-Defending Network. While other books tend to focus on individual security components, providing in-depth configuration guidelines for various devices and technologies, Self-Defending Networks instead presents a high-level overview of the entire range of technologies and techniques that comprise the latest thinking in proactive network security defenses. This book arms network security professionals with the latest information on the comprehensive suite of Cisco security tools and techniques. Network Admission Control, Network Infection Containment, Dynamic Attack Mitigation, DDoS Mitigation, Host Intrusion Prevention, and Integrated Security Management are all covered, providing the most complete overview of various security systems. It focuses on leveraging integrated management, rather than including a device-by-device manual to implement self-defending networks.
Table of contents
- Copyright
- About the Author
- About the Contributing Author
- About the Technical Reviewers
- Acknowledgments
- Icons Used in This Book
- Command Syntax Conventions
- Foreword
- Introduction
- 1. Understanding Types of Network Attacks and Defenses
- 2. Mitigating Distributed Denial-of-Service Attacks
- 3. Cisco Adaptive Security Appliance Overview
- 4. Cisco Incident Control Service
- 5. Demystifying 802.1x
-
6. Implementing Network Admission Control
- Network Admission Control Overview
- NAC Framework Benefits
- NAC Framework Components
-
Operational Overview
-
Network Admission for NAC-enabled Endpoints
- Endpoint Attempts to Access the Network
- NAD Notifies Policy Server
- Cisco Secure ACS Compares Endpoint to NAC Policy
- Cisco Secure ACS Forwards Information to Partner Policy Servers
- Cisco Secure ACS Makes a Decision
- Cisco Secure ACS Sends Enforcement Actions
- NAD Enforces Actions
- Posture Agent Actions
- Endpoint Polled for Change of Compliance
- Revalidation Process
- Network Admission for NAC Agentless Hosts
-
Network Admission for NAC-enabled Endpoints
- Deployment Models
- Summary
-
References
- 7. Network Admission Control Appliance
- 8. Managing the Cisco Security Agent
- 9. Cisco Security Manager
- 10. Cisco Security Monitoring, Analysis, and Response System
Product information
- Title: Self-Defending Networks: The Next Generation of Network Security
- Author(s):
- Release date: August 2006
- Publisher(s): Cisco Press
- ISBN: 9781587052538
You might also like
book
Interconnecting Cisco Network Devices, Part 1 (ICND1) Foundation Learning Guide, Fourth Edition
This Cisco-authorized, self-paced foundation learning tool for both the CCENT 100-101 and CCNA® 200-120 exams offers …
book
Inside Network Perimeter Security, Second Edition
Security professionals and administrators now have access to one of the most valuable resources for learning …
book
CCNP Security SISAS 300-208 Official Cert Guide
CCNP Security SISAS 300-208 Official Cert Guide CCNP Security SISAS 300-208 Official Cert Guide from Cisco …
book
Internet Denial of Service: Attack and Defense Mechanisms
Suddenly your Web server becomes unavailable. When you investigate, you realize that a flood of packets …