Synopses & Reviews
“This book is invaluable to anyone facing the challenges of security in a business environment.” --Paul D. Robertson, Moderator of Firewall-Wizards and Director of Risk Assessment, TruSecure Corporation
A Note From Series Editor: “I first got to know Wesley Noonan through a common newsgroup. His insightful and technical comments stuck with me, and I finally met him at a conference several years later. Wes has the gift to present network security in a concise, well-reasoned way--easy for everyone to understand regardless of their security or networking knowledge. His writing style reflects his congenial presentation manner and his knowledge, and his eagerness to share his expertise is exceptional. Wes’s guide to hardening your network infrastructure provides the step-by-step how-to approach that you need to build, deploy, and maintain a security defense. I’ve read every word; you will not be disappointed.” --Roberta Bragg
Features a four-part hardening methodology:
- Do This Now!--Checklist of immediate steps to take to lockdown your system from further attack
- Take It From The Top--Systematic approach to hardening your perimeter and internal network infrastructure, focusing on firewalls, IDS/IPS, network content filtering, wireless LAN connections, routers, and switches
- Once Is Never Enough!--Ongoing monitoring and assessment plan to keep your network secure, including patch management and auditing
- How to Succeed at Hardening Your Network Infrastructure--Strategies for getting budget approval, management buy-in, and employee cooperation for your security program
About the Author - Wesley J. Noonan, MCSE, CCNA, CCDA, NNCSS, Security+, is a Senior Network Consultant for Collective Technologies, LLC, a company specializing in storage, server and network design, architecture, implementation, and security. Series Editor: Roberta Bragg, CISSP, MCSE: Security, Security+, is the Security Advisor columnist for MCP magazine and a Security Expert for searchWin2000.com. She also writes for the Security Watch newsletter and is the author of several computer books.
Synopsis
Bulletproof your system "before you are hacked! From the publisher of the international best-seller, "Hacking Exposed, here is a brilliant new offering written with a passion for security that will help you make the necessary upgrades and take the essential steps to secure your network infrastructure. The concise and consistent approach breaks down security into logical parts, giving you actions to take immediately, information on hardening your system from the top down, and finally when to go back and make further upgrades.
Synopsis
This book's concise and consistent approach breaks down security into logical parts, giving actions to take immediately, information on hardening a system from the top down, and finally when to go back and make further upgrades.
Table of Contents
Part I: Do This Now!
Ch. 1. Do these 6 things before you do anything else!
Ch. 2. Hardening Your Perimeter Network
Ch. 3. Firewalls, IDS, IDP
Ch. 4. Hardening Your External Access Connections Including VPN, Dial-in and Remote Access
Ch. 5. Hardening Your Perimeter Routers and Switches
Ch. 6. Positioning and Deploying Content Filters/Application Proxies
Ch. 7. Utilizing Your Perimeter Devices to Implement a Secure Perimeter Part II: Hardening Your Internal Network
Ch. 8. Using Firewalls, IDS and IDP to Harden Your Internal Network
Ch. 9. Hardening Internal Routers, Switches
Ch. 10. Hardening Wireless LAN Connections
Ch. 11. Hardening Intersite Locations and WAN Connections
Ch. 12. Implement Access Authorization
Ch. 13. Implement an Enterprise Monitoring Solution
Ch. 14. How to Implement a Secure Internal Network
Part III: Once is Never Enough!
Ch. 15. Review Your Security Policy, Posture and Auditing
Ch. 16. Patches and Upgrades
Ch. 17. Managing Changes to Your Policy
Part IV: How to Succeed at Hardening Your Network Infrastructure
Ch. 18. Where Does the Money Come From and Setting Perceptions
Ch. 19. Staffing and Training Issues
Ch. 20. Handling Security Failures
Appendix A: Additional Infrastructure Security Resources