Self-Defending Networks: The Next Generation of Network Security
Duane De Capite
- 出版商: Cisco Press
- 出版日期: 2006-09-10
- 定價: $1,440
- 售價: 2.8 折 $399
- 語言: 英文
- 頁數: 264
- 裝訂: Paperback
- ISBN: 1587052539
- ISBN-13: 9781587052538
-
相關分類:
資訊安全
立即出貨 (庫存=1)
買這商品的人也買了...
-
$860$679 -
$450$383 -
$590$466 -
$280$238 -
$490$382 -
$680$578 -
$640$608 -
$380$323 -
$450$383 -
$580$493 -
$880$695 -
$390$332 -
$780$702 -
$650$514 -
$650$507 -
$580$493 -
$650$507 -
$350$298 -
$720$569 -
$650$553 -
$680$578 -
$2,180$2,071 -
$680$578 -
$580$522 -
$299Agile Web Development with Rails, 2/e
相關主題
商品描述
Description
Protect your network with self-regulating network security solutions that combat both internal and external threats.
- Provides an overview of the security components used to design proactive network security
- Helps network security professionals understand what the latest tools and techniques can do and how they interact
- Presents detailed information on how to use integrated management to increase security
- Includes a design guide with step-by-step implementation instructions
Self-Defending Networks: The Next Generation of Network Security helps networking professionals understand how to deploy an end-to-end, integrated network security solution. It presents a clear view of the various components that can be used throughout the network to not only monitor traffic but to allow the network itself to become more proactive in preventing and mitigating network attacks. This security primer provides unique insight into the entire range of Cisco security solutions, showing what each element is capable of doing and how all of the pieces work together to form an end-to-end Self-Defending Network. While other books tend to focus on individual security components, providing in-depth configuration guidelines for various devices and technologies, Self-Defending Networks instead presents a high-level overview of the entire range of technologies and techniques that comprise the latest thinking in proactive network security defenses. This book arms network security professionals with the latest information on the comprehensive suite of Cisco security tools and techniques. Network Admission Control, Network Infection Containment, Dynamic Attack Mitigation, DDoS Mitigation, Host Intrusion Prevention, and Integrated Security Management are all covered, providing the most complete overview of various security systems. It focuses on leveraging integrated management, rather than including a device-by-device manual to implement self-defending networks.
Table of Contents
Foreword
Introduction
Chapter 1 Understanding Types of Network Attacks and Defenses
Categorizing Network Attacks
Virus
Worm
Trojan Horse
Denial-of-Service
Distributed Denial-of-Service
Spyware
Phishing
Understanding Traditional Network Defenses
Router Access Lists
Firewalls
Intrusion Detection Systems
Virtual Private Networks
Antivirus Programs
Introducing Cisco Self-Defending Networks
DDoS Mitigation
Intrusion Prevention Systems
Adaptive Security Appliance
Incident Control Service
Network Admission Control
IEEE 802.1x
Host Intrusion Prevention: CSA
Cisco Security Centralized Management
Summary
References
Chapter 2 Mitigating Distributed Denial-of-Service Attacks
Understanding Types of DDoS Attacks
DDoS Mitigation Overview
Using Cisco Traffic Anomaly Detector
Configuring the Traffic Anomaly Detector
Zone Creation
Traffic Anomaly Detector Zone Filters
Policy Template
Learning Phase
Detecting and Reporting Traffic Anomalies
Configuring Cisco Guard
Bootstrapping
Zone Creation and Synchronization
Cisco Guard Zone Filters
Zone Traffic Diversion
Learning Phase
Activating Zone Protection
Generating Attack Reports
Summary
References
Chapter 3 Cisco Adaptive Security Appliance Overview
Antispoofing
Intrusion Prevention Service
Launch ASDM for IPS Configuration
Configure Service Policy Rules
Define IPS Signatures
Protocol Inspection Services
HTTP Inspection Engine
TCP Map
HTTP Map
Configuring Content Security and Control Security
Content Security and Control Services Module (CSC-SSM) Setup
Web
URL Blocking
URL Filtering
Scanning
File Blocking
Scanning
Antispam
Content Filtering
File Transfer
Summary
References
Chapter 4 Cisco Incident Control Service
Implementing Outbreak Management with Cisco ICS
Outbreak Management Summary
Information and Statistics on Network Threats from Trend Micro
New Outbreak Management Task
Outbreak Settings
Displaying Outbreak Reports
OPACL Settings
Exception List
Report Settings
Watch List Settings
Automatic Outbreak Management Task
Displaying Devices
Device List
Add Device
Viewing Logs
Incident Log Query
Event Log Query
Outbreak Log Query
Log Maintenance
Summary
References
Chapter 5 Demystifying 802.1x
Fundamentals of 802.1x
Introducing Cisco Identity-Based Networking Services
Machine Authentication
802.1x and NAC
Using EAP Types
EAP MD5
EAP TLS
LEAP
PEAP
EAP FAST
VPN and 802.1x
Summary
References
Chapter 6 Implementing Network Admission Control
Network Admission Control Overview
NAC Framework Benefits
NAC Framework Components
Endpoint Security Application
Posture Agent
Network Access Devices
Policy Server
Management and Reporting Tools
Operational Overview
Network Admission for NAC-enabled Endpoints
Endpoint Attempts to Access the Network
NAD Notifies Policy Server
Cisco Secure ACS Compares Endpoint to NAC Policy
Cisco Secure ACS Forwards Information to Partner Policy Servers
Cisco Secure ACS Makes a Decision
Cisco Secure ACS Sends Enforcement Actions
NAD Enforces Actions
Posture Agent Actions
Endpoint Polled for Change of Compliance
Revalidation Process
Network Admission for NAC Agentless Hosts
Deployment Models
LAN Access Compliance
WAN Access Compliance
Remote Access Compliance
Summary
References
Chapter 7 Network Admission Control Appliance
NAC Appliance Features
NAC Appliance Manager
Device Management
CCA Servers
Filters
Clean Access
Switch Management
User Management
Monitoring
Administration
Summary
References
Chapter 8 Managing the Cisco Security Agent
Management Center for Cisco Security Agents
Deploying Cisco Secure Agent Kits
Displaying the End-Station Hostname in the Device Groups
Reviewing Policies
Attaching Rules to a Policy
Generating and Deploying Rules
Using Event Monitor
Running Cisco Security Agent Analysis
Cisco Security Agent
Status
System Security
Summary
References
Chapter 9 Cisco Security Manager
Getting Started
Device View
Add Device
Configure Access Conrol Lists (ACLs) from Device View
Configuring Interface Roles
Apply Access Control List (ACL) Rules to Multiple Devices
Invoking the Policy Query
Using Analysis and Hit Count Functions
Map View
Showing Devices on the Topology Map
Adding Cloud Networks and Hosts to the Topology Map
Configuring Firewall Access Control List (ACLs) Rules from Topology Map
Policy View
Access Control List (ACL) Rules Security Policy
Policy Inheritance and Mandatory Security Policies
IPS Management
Object Manager
Value Override Per Device
Summary
References
Chapter 10 Cisco Security Monitoring, Analysis, and Response System
Understanding Cisco Security MARS Features
Summary Dashboard
Incidents
Displaying Path of Incident and Mitigating the Attack
Hotspot Graph and Attack Diagram
Rules
Query/Reports
Management
Admin
Cisco Security Manager Linkages
Summary
References
商品描述(中文翻譯)
描述
保護您的網絡,使用自我調節的網絡安全解決方案來對抗內部和外部威脅。
提供了一個概述,介紹了用於設計主動網絡安全的安全組件。
幫助網絡安全專業人員了解最新的工具和技術可以做什麼以及它們如何互動。
提供了如何使用集成管理來增加安全性的詳細信息。
包括一個設計指南,提供逐步實施指示。
《自我防禦網絡:下一代網絡安全》幫助網絡專業人員了解如何部署端到端的集成網絡安全解決方案。它清晰地介紹了可以在整個網絡中使用的各種組件,不僅可以監控流量,還可以使網絡本身更主動地防止和緩解網絡攻擊。這本安全入門書提供了對思科安全解決方案的全面了解,展示了每個元素能夠做什麼以及所有組件如何共同形成一個端到端的自我防禦網絡。儘管其他書籍往往專注於個別的安全組件,為各種設備和技術提供深入的配置指南,《自我防禦網絡》則提供了對主動網絡安全防禦的最新思維中所涵蓋的技術和技巧的高層次概述。本書為網絡安全專業人員提供了關於思科安全工具和技術全面套件的最新信息。網絡入場控制、網絡感染遏制、動態攻擊緩解、分散式拒絕服務攻擊緩解、主機入侵防止和集成安全管理都有所涉及,提供了各種安全系統的最完整概述。它專注於利用集成管理,而不是包含一個設備逐個設備的手冊來實施自我防禦網絡。
目錄
前言
簡介