Synopses & Reviews
Firewalls are among the best-known network security tools in use today, and their critical role in information security continues to grow. However, firewalls are most effective when backed by thoughtful security planning, well-designed security policies, and integrated support from anti-virus software, intrusion detection systems, and related tools. GUIDE TO FIREWALLS AND VPNs, THIRD EDITION explores firewalls in the context of these critical elements, providing an in-depth guide that focuses on both managerial and technical aspects of security. Coverage includes packet filtering, authentication, proxy servers, encryption, bastion hosts, virtual private networks (VPNs), log file maintenance, and intrusion detection systems. The book also features an abundant selection of realistic projects and cases incorporating cutting-edge technology and current trends, giving you a valuable opportunity to hone and apply your knowledge and skills. GUIDE TO FIREWALLS AND VPNs includes new and updated cases and projects, enhanced coverage of network security and VPNs, and information on relevant National Institute of Standards and Technology guidelines used by businesses and information technology professionals nationwide.
Synopsis
Firewalls are among the best-known security tools in use today, and their critical role in information security continues to grow. However, firewalls are most effective when they are backed by effective security planning, a well-designed security policy, and when they work in concert with anti-virus software, intrusion detection systems, and other tools. This book aims to explore firewalls in the context of these other elements, providing readers with a solid, in-depth introduction to firewalls that focuses on both managerial and technical aspects of security. Coverage includes packet filtering, authentication, proxy servers, encryption, bastion hosts, virtual private networks (VPNs), log file maintenance, and intrusion detection systems. The second edition offers updated content and brand new material, from enhanced coverage of non-firewall subjects like information and network security to an all-new section dedicated to intrusion detection in the context of incident response.
About the Author
Michael E. Whitman, Ph.D., CISM, CISSP is a Professor of Information Systems in the Department of Computer Science and Information Systems at Kennesaw State University in Kennesaw, Georgia, where he also serves as Director of both the Master's of Science in Information Systems program and the KSU Center for Information Security Education and Awareness. Dr. Whitman is an active researcher in information security, fair and responsible use policies, and ethical computing and information systems research methods. In addition to teaching graduate and undergraduate courses in information security, local area networking, and data communications, he has written several textbooks and published in journals such as Information Systems Research, the Communications of the Association for Computing Machinery, Information and Management, the Journal of International Business Studies, and the Journal of Computer Information Systems. He is an active member of the Computer Security Institute, the Information Systems Security Association, the Georgia Electronic Commerce Association's Information Security Working Group, the Association for Computing Machinery, and the Association for Information Systems.
Herbert Mattord, M.B.A., CISM, CISSP gained 24 years of IT industry experience as an application developer, database administrator, project manager, and information security practitioner before joining the Kennesaw State University faculty in 2002. In addition to serving as operations manager of the KSU Center for Information Security Education and Awareness, Professor Mattord teaches courses in information security, data communications, local area networks, database technology, project management, and systems analysis and design. He is also the author of numerous textbooks. During his IT career, he served as an adjunct professor at Kennesaw State University, Southern Polytechnic State University, Austin Community College, and Southwest Texas State University, and he was manager of corporate information technology security at Georgia-Pacific Corporation.
Richard Austin, MS, CISSP, MCSE has over 30 years of experience in the IT industry. Before pursuing a career as an independent consultant, he was focused on technology and processes for successfully protecting the 14PB storage area network infrastructure within the global IT organization of a Fortune 25 company. He teaches undergraduate information security courses as a part-time faculty member at Kennesaw State University and is an active member of SNIA's Security Technical Working Group as well as a frequent writer and presenter on storage networking security and digital forensics.
Greg Holden is the author of more than 35 books on Internet- and computer-related topics, including the Web design applications Microsoft FrontPage and Macromedia Dreamweaver. He also does Web development for the design firm NewCor Group. He helped design recruitment literature and course catalogs for the University of Chicago. He lives in Chicago with his two teenage daughters and assorted birds, fish, and other pets.
Table of Contents
Introduction
Chapter 1 - Introduction to Information Security
Chapter 2 - An Introduction to Networking
Chapter 3 - Security Policies, Standards, and Planning
Chapter 4 - Finding Network Vulnerabilities
Chapter 5 - Firewall Planning and Design
Chapter 6 - Packet Filtering
Chapter 7 - Working with Proxy Servers and Application-Level Firewalls
Chapter 8 - Firewall Configuration and Administration
Chapter 9 - Encryption and Firewalls
Chapter 10 - Authenticating
Chapter 11 - Setting Up a Virtual Private Network
Chapter 12 - Contingency Planning
Chapter 13 - Intrusion Detection and Prevention Systems
Chapter 14 - Digital Forensics