Synopses & Reviews
Take a proactive approach to enterprise network security by implementing preventive measures against attacks before they occur. Written by a team of IT security specialists, this hands-on resource provides concrete steps you can take immediately as well as ongoing actions to ensure long-term security. Whether you’re working on a Windows, UNIX, wireless, or mixed network, you’ll get complete details on how to systematically harden your network from the ground up, as well as strategies for getting company-wide support for your security plan. With coverage of all major platforms and applications, this book is an essential security tool for on-the-job IT professionals. Features a four-part hardening methodology:
- Do This Now!--Checklist of immediate steps to take to lockdown your system from further attack
- Take It From The Top--Systematic approach to hardening your enterprise from the top down, focusing on network, data, and software access, storage, and communications
- Once Is Never Enough!--Ongoing monitoring and assessment plan to keep your network secure, including patch management and auditing
- How to Succeed at Hardening Network Security--Strategies for getting budget approval, management buy-in, and employee cooperation for your security program
John Mallery is a Managing Consultant at BKD, LLP, and a veteran security specialist.
Jason Zann, CISSP, is an Information Security Consultant for DST Systems.
Patrick Kelly, CISSP, CCSE, MCSE, MCP+I, is an Information Assurance Engineer for ComGlobal Systems, Inc.
Paul Love, MS Network Security, CISSP, CISM, CISA, is a Security Manager with a large financial institution.
Wesley Noonan, MCSE, CCNA, CCDA, NNCSS, Security+, is a Senior Network Consultant for Collective Technologies, LLC.
Eric S. Seagren, CISSP, ISSAP, SCNP, CCNA, CNE, MCP+I, MCSE, is an IT architect, designing secure, scalable, and redundant networks.
Rob Kraft is the director of software development for KCX, Inc. Mark O’Neil is the CTO of Vordel and principal author of Web Services Security.
Series Editor and author Roberta Bragg, CISSP, MCSE: Security, Security+, writes a column for Redmond Magazine and writes the weekly Security Watch newsletter. She is the author of Hardening Windows Systems and several other information security books.
Synopsis
Written by a team of security experts, this book arms IT professionals with a proactive plan for bulletproofing network security. This book comprehensively addresses hardening contemporary networking environments consisting of multiple platforms, applications, and databases, and accessible through PDAs, the Web, wireless networks, and Smartphones.
Synopsis
Take a proactive approach to network security by implementing preventive measures against attacks--before they occur. Written by a team of security experts, this hands-on resource provides concrete steps you can take immediately as well as ongoing actions to ensure long-term security. Get complete details on how to systematically harden your network from the ground up, as well as strategies for getting company-wide support for your security plan.
Features a four-part hardening methodology:
- Do This Now!--Checklist of immediate steps to take to lockdown your system from further attack
- Take It From The Top--Systematic approach to hardening your enterprise from the top down
- Once Is Never Enough!--Ongoing monitoring and assessment plan to keep your network secure, including patch management and auditing
- How to Succeed--Strategies for getting budget approval, management buy-in, and employee cooperation for your security program
Table of Contents
Part I: Do This Now!
Chapter 1: Do These 7 Things Before You Do Anything Else
Part II: Take it From the Top. Systematically Hardening Your Enterprise
Chapter 2: Break the Network into Areas of Common Functionality
Chapter 3: Hardening with Identity Management Systems
Chapter 4: Hardening Cross Platform Authentication
Chapter 5: Implement Secure Centralized Authentication Mechanisms
Chapter 6: Mobile Authentication Considerations
Chapter 7: Beyond Access Controls - Protecting Stored Data
Chapter 8: Hardening Database Access
Chapter 9: Hardening Cross Platform Access Controls
Chapter 10: Hardening Data Transport Using Encryption
Chapter 11: Hardening Remote Clients (Windows, Mac, *nix)
Chapter 12: Hardening Wireless
Chapter 13: Hardening a Mixed Unix Network
Chapter 14: Intrusion Detection and Response
Chapter 15: Managing Malicious Code
Chapter 16: Hardening Wetware
Part III: Once is Never Enough
Chapter 17: Auditing and Testing Security
Chapter 18: Change Management
Chapter 19: Security Patching
Chapter 20: Security Review
Part IV: How to Succeed at Hardening
Chapter 21: Politics of Security Management
Chapter 22: Security Agnostics